YIG-ENT-01
Enterprise Agent
on duty
YiG Enterprise · governance for institutions
Your VPC. Your keys. Your audit log.
The security team reviews before the CFO signs off. YiG Enterprise is designed for that review: self-hosted in your cloud, SAML SSO on every door, append-only audit log on every run, and no YiG-hosted copy of your financial data.
Capabilities
SAML SSO
Okta, Azure AD, Google Workspace. One identity provider for all agents and sessions. No separate YiG credentials to manage.
Append-only audit log
Every run, tool call, draft, and reviewer action logged with name, timestamp, and diff. Sufficient evidence for a downstream audit without access to the agent runtime.
Role-based access control
Permissions down to individual tool and data-source level. An analyst can run a workflow; only the authorised reviewer approves the output. No configuration sprawl.
Isolated namespaces
Fully isolated per team. Shared infrastructure, zero cross-tenant data exposure. Each team's agents and audit logs are unreachable from any other.
Self-hosted in your VPC
Run inside your own cloud account. Docker-ready, Kubernetes profile included. Customer data never transits YiG infrastructure.
Sandboxed code execution
Every agent code run is isolated in a container. No host access. No cross-namespace bleed. The sandbox cannot phone home.
∴ night shift · agent run
∴ night shift · yig-ent-01
what your auditor sees
AUDIT-TRAIL / ACME-CORP draft
2026-05-07T08:00:01Z BOOT instance=acme-corp.yig.internal mode=self-hosted
2026-05-07T08:00:02Z AUTH [email protected] method=SAML-Okta session=8h
2026-05-07T08:00:12Z RUN agent=YIG-ENT-01 workflow=gl-reconciliation ns=acme-corp
2026-05-07T08:00:14Z SANDBOX code-exec=isolated host-access=denied cross-ns=denied
2026-05-07T08:41:31Z WAIT event=human-approval [email protected]
2026-05-07T08:41:32Z APPROVE [email protected] output=posted log=immutable
prepared by YiG · run by YIG-ENT-01 every action logged