An official platform for U.S. government & enterprise AI oversight
FedRAMP High · In process
AiTail.
Audit & Integrity Technical Intelligence Layer
Compliance advisory · v4.02

The unified standard for AI auditing & federal governance.

AiTail bridges the gap between Fortune-500 enterprise agility and federal regulatory rigor. Deploy autonomous audit layers that satisfy board-level risk committees and agency ATO panels — from the same control plane.

For boardrooms
SOC 2 · ISO 27001 · GDPR
For agencies
FedRAMP High · FISMA · CJIS
For defense
IL5 · IL6 · CMMC 2.0 L3
For regulators
NIST AI RMF · EO 14110
Verified for enterprise & agency infrastructure
DEPT_OF_DEFENSE
FINRA_CORE
GLOBAL_BANK_X
HEALTH_FEDERAL
SEC_SYSTEMS
TREASURY_OPS
NORTH-STAR_INDUSTRIAL
PUBLIC ANCHOR #54,228,901 ✓
FEDRAMP HIGH BOUNDARY ACTIVE
FIPS 140-3 MODULE CERT. #4623
NIST AI RMF · 1.0 ALIGNED
OMB M-24-10 · §5(c) READY
SOC 2 TYPE II · ISO/IEC 27001
CJIS · v5.9.5 CONFORMANT
DOD IL5 ENCLAVE OPERATIONAL
SECTION 508 · WCAG 2.1 AA
TIC 3.0 · CISA TRUSTED INTERNET
SECTION B — FIGURES FROM THE FIELD

The record, in numbers.

Self-reported · verified by ledger
Agency tenants
47
federal · state · local · tribal
Records under attestation
1.42B
since FY24
IG queries answered ledger-direct
9,118
FY25 to date
Median anchor latency
1.8s
edge → public ledger
Cabinet departments served
11 of 15
DoD components
6
State CIO offices
23
Average ATO acceleration
−71%
FOIA requests serviced via ledger
2,401
Findings reopened after attestation
0
Boundary uptime (90d)
99.997%
Cost per anchored record
$0.00004

Figures reflect production tenants under signed BAAs and IAAs as of the filing date. Per-agency totals are auditable through the ledger and published quarterly in the AiTail Transparency Bulletin (PDF, 47pp).

SECTION C — COMPLIANCE MATRIX

Twenty frameworks. One control plane. Evidence on demand.

Framework | Control / scope | Status | Evidence pointer
FedRAMP | High baseline (NIST 800-53 Rev 5, 421 controls) | In process | Package FR2200000XXX · 3PAO: Coalfire
FISMA | Moderate & High system categorization (FIPS 199 / 200) | Met | SSP §3, POA&M current
NIST 800-53 Rev 5 | AU-2, AU-3, AU-9, AU-10, AU-12 (audit & accountability) | Met | Continuous attestation log
NIST AI RMF 1.0 | GOVERN · MAP · MEASURE · MANAGE | Met | Profile crosswalk, model cards
OMB M-24-10 | §5(c) minimum practices for rights- and safety-impacting AI | Met | Inventory API + IA artifacts
EO 14110 | Dual-use, content provenance, watermark attestation | Mapped | C2PA manifest co-anchoring
FIPS 140-3 | Cryptographic Module Validation (Level 2) | Met | CMVP cert. #4623
FIPS 199 / 200 | Security categorization & minimum baseline | Met | Categorization memo on file
DoD CC SRG | Impact Level 5 (IL5) controlled unclassified | Met | DISA PA in place
DoD CC SRG | Impact Level 6 (IL6) classified up to SECRET | In process | Sovereign tier · enclave install
CMMC 2.0 | Level 3 — Advanced (DIB contractors) | Met | C3PAO assessed, Q1 FY26
CJIS Security Policy | v5.9.5 — criminal justice information | Met | Signed agreement template
IRS Pub 1075 | Federal Tax Information (FTI) safeguards | Met | Safeguard Security Report
StateRAMP | High Authorization | Met | Authorized · listing #SR-00481
HIPAA / HITECH | Covered entity audit logging | Met | BAA template, IRR audit
TIC 3.0 | Trusted Internet Connections (CISA) reference architecture | Met | PEP/MTIPS aligned
Zero Trust (CISA ZTMM) | Pillars: Identity · Devices · Networks · Apps · Data | Met | ZTMM Stage 3
Section 508 / WCAG 2.1 AA | Operator surfaces accessibility | Met | VPAT 2.4 Rev (NDA)
Federal Records Act | Records scheduling & NARA disposition | Met | GRS 5.2, 6.5 mapping
Privacy Act / E-Gov §208 | SORN & PIA support | Met | Template + reviewer workflow
Full SSP, SAR, and POA&M extracts available to contracting officers under NDA.
Request the evidence room
SECTION D — SYSTEM ARCHITECTURE

Six layers. Every one inspectable. None of them able to rewrite history.

L1
Boundary redaction

PII, PHI, FTI, CUI, classified markers, code-secret patterns and 312 custom detectors run in a side-car proxy inside the agency VPC. The raw prompt never crosses the FedRAMP boundary. Detection runs on CPU-only Rust binaries; no model weights leave the enclave.

Rust · WASI · libsodium · Presidio-compat detectors
L2
Canonical hashing & signing

The redacted record is canonicalized (JCS, RFC 8785), reduced to a 32-byte SHA-256 digest, and signed with Ed25519 inside a FIPS 140-3 Level 2 HSM (cert. #4623). The signature, not the content, becomes the artifact of record.

SHA-256 · Ed25519 · JCS RFC 8785 · CMVP #4623
L3
Public anchoring

Digests are batched into a per-tenant Merkle root every 1.6 seconds and submitted to the Stellar public ledger as a memo entry. Submission cost is paid out of a federated wallet; agencies hold zero crypto exposure.

Merkle (RFC 9162-compatible) · Stellar mainnet · 0.00001 XLM / tx
L4
Continuous attestation

An independent verifier process replays the chain against the agency archive every 30 seconds. Divergence raises a counter-signed alert to the agency SOC and to the AiTail trust desk within seconds, with a tamper-evident audit packet.

Detached verifier · OpenTelemetry · STIX 2.1 alerts
L5
Tenant archive

Sealed records live in an append-only, customer-keyed object store (S3 Object Lock in GovCloud, or on-prem MinIO with WORM). Every write is counter-signed at the storage layer; no operator role can mutate or delete history.

S3 Object Lock (GovCloud) · MinIO WORM · AWS KMS / on-prem HSM
L6
Key custody

Customer-managed keys via AWS KMS for GovCloud, Azure Government Key Vault, or on-prem Thales / Entrust nShield HSMs. CNSA 2.0 / post-quantum co-signing (ML-DSA / SLH-DSA) available on Sovereign tier.

KMS · nShield · Luna · CNSA 2.0 (optional ML-DSA)
Performance envelope
Edge redaction p50
12 ms
Edge redaction p99
38 ms
Signing throughput
9,400 / s · per HSM
Ledger anchor p50
1.74 s
Ledger anchor p99
3.10 s
Verifier reconciliation
30 s polling, 4 s alert
Hosting & residency
AWS GovCloud (US-East/West)
Primary
Azure Government (USGov-VA/TX)
Mirror
On-prem (RHEL 9 STIG)
Sovereign tier
IL5 enclave
DISA PA in place
IL6 enclave
In process (Q3 FY26)
Egress
TIC 3.0 PEP / MTIPS
Authority chain
Operator role
Read-only on hashes
Agency role
Read on archive (RBAC)
IG / OIG role
Read on hashes + verifier
AiTail SRE
No content access (math)
Key custody
Customer-managed (HSM)
Break-glass
M-of-N quorum, on-record
SECTION E — DATA FLOW

One annotated record, from operator prompt to public proof.

What follows is a real ingestion event from a state benefits-eligibility workflow, redacted at the agency boundary, hashed on the wire, and counter-signed by the public ledger within two seconds. The Inspector General can independently verify it with the published CLI.

Trace ID
int_8f3a…c021
Agency tenant
state-hhs-eligibility
Model
gpt-4o · 2024-08 (Azure Gov)
Region
usgov-virginia
Classification
CUI//SP-PRVCY
RECORD No. 54,228,901-A Counter-signed
Inbound · post-redaction

Caseworker reviews application for claimant [NAME], SSN [SSN], residing at [ADDR]. Internal note: escalate per §1902(a)(10) and verify eligibility category against case [CASE-ID].

4 PII removed (NIST SP 800-122) · 1 SSN pattern · Jailbreak score: 0.02 · Sealed before storage · CUI marker preserved
redaction-policy: agency/hhs/v17 · detectors: 312 active · runtime: 12.4ms
Public anchor · Stellar mainnet
9f3c7e2a18d54bb0e6cf09a4d2e1b78f4c61a09e3d8b22f7b1a55c0c4e84d3a1
Tx
bf91…a07e
Ledger
#54,228,901
Memo
HASH (32B)
Signer
HSM-CMVP-4623
Latency
1.74 s
Cost (agency)
$0.00004
Verify on public ledger

Inspector General note. The hash above can be recomputed from the agency archive using the open-source aitail-verify CLI. A mismatch — even by a single byte — produces a counter-signed alert and freezes that Trace ID from further processing.
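
The recomputation this note describes, shown in principle as an added example (it is not the aitail-verify CLI or any AiTail code): hash a canonicalized redacted record as in layer L2, then check that digest against a batch Merkle root as in layer L3, using RFC 9162 tree hashing. The record fields, the batch contents and the json.dumps stand-in for a full JCS (RFC 8785) encoder are assumptions; in practice the resulting root would be compared with the memo value read from the ledger.

```python
import hashlib
import json

def canonical_digest(record: dict) -> bytes:
    # Stand-in for JCS: matches RFC 8785 only for ASCII keys with string/int values (assumption).
    text = json.dumps(record, sort_keys=True, separators=(",", ":"), ensure_ascii=False)
    return hashlib.sha256(text.encode("utf-8")).digest()

def _leaf(digest: bytes) -> bytes:   # RFC 9162 leaf hash, domain-separated with 0x00
    return hashlib.sha256(b"\x00" + digest).digest()
def _node(left: bytes, right: bytes) -> bytes:   # interior hash, prefix 0x01
    return hashlib.sha256(b"\x01" + left + right).digest()

def _split(n: int) -> int:   # largest power of two strictly less than n (n >= 2)
    return 1 << ((n - 1).bit_length() - 1)

def merkle_root(leaves: list) -> bytes:   # leaves: non-empty list of 32-byte digests
    if len(leaves) == 1:
        return _leaf(leaves[0])
    k = _split(len(leaves))
    return _node(merkle_root(leaves[:k]), merkle_root(leaves[k:]))

def inclusion_path(leaves: list, m: int) -> list:   # audit path for leaf m, bottom-up
    if len(leaves) == 1:
        return []
    k = _split(len(leaves))
    if m < k:
        return inclusion_path(leaves[:k], m) + [merkle_root(leaves[k:])]
    return inclusion_path(leaves[k:], m - k) + [merkle_root(leaves[:k])]

def verify_inclusion(digest, index, size, path, root) -> bool:
    # RFC 9162 section 2.1.3.2: rebuild the root from one leaf and its audit path.
    if index >= size:
        return False
    fn, sn, r = index, size - 1, _leaf(digest)
    for p in path:
        if sn == 0:
            return False
        if fn & 1 or fn == sn:
            r = _node(p, r)
            while fn and not fn & 1:
                fn, sn = fn >> 1, sn >> 1
        else:
            r = _node(r, p)
        fn, sn = fn >> 1, sn >> 1
    return sn == 0 and r == root

# Constructed sample batch (not real records): five redacted records from one tenant.
BATCH = [canonical_digest({"trace": f"int_{i:04d}", "text": "claimant [NAME], SSN [SSN]"}) for i in range(5)]
```

A verifier needs only the archived record, its index, the batch size and the audit path; no other record's content is required to reproduce the root.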

SECTION F — STANDING
Independently assessed
FEDRAMP HIGH · FISMA HIGH · DOD IL5 · CJIS v5.9.5 · FIPS 140-3 · NIST AI RMF 1.0 · NIST 800-53 R5 · OMB M-24-10 · EO 14110 · STATERAMP HIGH · CMMC L3 · SECTION 508 · TIC 3.0 · CISA ZTMM 3 · IRS PUB 1075
SECTION G — CASE FILE
State Department of Health & Human Services

From a 14-week IG audit cycle to ledger-direct attestation.

When a state HHS agency deployed an LLM-assisted eligibility triage workflow, its OIG required a verifiable record of every model call touching benefits decisions. AiTail replaced quarter-end manual reconciliation with a continuously witnessed ledger — and cut OIG response time from 14 weeks to 11 minutes.

Read the case file
OIG response time
14 wks → 11 min
Records under attestation
412M
Findings reopened
0
FOIA satisfied ledger-direct
1,204
"The first piece of AI infrastructure I have presented to the Governor's office without a single follow-up question from counsel."
— State Chief Information Security Officer
SECTION H — TESTIMONY

What the principals tell us.

"It is the only AI audit trail our OIG has accepted without amendment."
— Deputy CIO, Cabinet department · Washington, D.C.

"Boundary redaction means CUI never leaves our enclave in the clear. That ended a two-year procurement debate in one meeting."
— Chief Information Security Officer, DoD service component

"We replaced an eighteen-person reconciliation team with a public ledger. The arithmetic was not subtle."
— State Auditor, Office of the State Comptroller
SECTION I — PROCUREMENT

Three tiers. Five vehicles. No surprises at option-year renewal.

Civilian
$4,800
per month · GSA MAS
  • Up to 25M anchored records / mo
  • FedRAMP Moderate boundary
  • Single-region GovCloud
  • NIST AI RMF artifact pack
Open a civilian tenant
Federal High
$22,400
per month · GSA MAS
  • Unlimited anchored records
  • FedRAMP High boundary
  • Multi-region · IL4 / IL5
  • Named ATO liaison + 24×7
Request ATO briefing
Sovereign
Bespoke
On-prem · classified
  • Dedicated single-tenant deploy
  • IL5 / IL6 enclave install
  • Air-gap + offline anchoring
  • CNSA 2.0 post-quantum option
Contact the program office
Contracting vehicles

Available directly or through prime integrators. SAM.gov UEI and CAGE code provided on request to verified contracting officers.

  • GSA Multiple Award Schedule (MAS) · SIN 518210C
  • SEWP V · Group A
  • CIO-SP3 Small Business
  • OASIS+ Unrestricted
  • State cooperative purchasing (NASPO ValuePoint)
SECTION J — STANDING QUESTIONS

What general counsel, the CIO, and the IG ask — in order.

No. Only a 32-byte SHA-256 digest of the redacted record is submitted as a memo entry. Content remains inside the agency tenant — typically a FedRAMP High enclave or an on-premises archive. The ledger holds proof of existence, never the artifact itself.

SECTION K — REQUEST AN ATO BRIEFING

Open the public ledger for your agency's AI.

Briefings run 45 minutes with our federal program office. We will scope your model inventory, OMB M-24-10 reporting posture, FedRAMP boundary fit, and the exact evidence packet your Authorizing Official expects to receive.