Governance for how AI touches your data
Govern how your people and your AI agents use AI.
One policy, one audit trail - across the people who use AI chat (Sovara Browser) and the agents that call your tools (Sovara Gateway). Checked where the data is, not in someone else’s cloud.

Two products, one policy

Sovara Browser
Governance for peopleStop secrets, PII and card numbers leaking into ChatGPT and other AI chat - checked locally, before Send. Free for individuals.
Sovara Browser →
Sovara Gateway
Governance for AI agentsAudit, policy and redaction for AI agents' tool calls (MCP). Deploy in your own Azure or self-host.
Sovara Gateway →Latest posts
All posts →Privilege at the Tool Call: AI Agents Inside Law and IP Firms
Law and IP firms handle information where confidentiality is not a compliance box. It is the product. An AI agent with unrestricted tool access can waive legal professional privilege by surfacing protected material in the wrong context.
No Journal Postings at 3am: Time-Windowed Access as a Control
An allowlist controls which tools an AI agent can call. A time window controls when. A legitimate tool call at the wrong time is not legitimate at all.
Deny by Default: How AI Agents Quietly Accumulate Excessive Privilege
MCP servers expose every tool equally. The finance agent that posts journals can also call delete_account. Human users go through access reviews. AI agents get full tool access on day one.
Consulting
Need help deploying MCP at scale?
I also take on consulting work for teams rolling out Model Context Protocol across enterprise estates. Azure-heavy, integration-heavy, evidence-first.
Talk about an engagement →Open Source
APIM MCP Reference Architecture
Production-ready Terraform modules to deploy Entra ID governed Model Context Protocol servers behind Azure API Management.
View on GitHub →