Action Governance
Evaluate risky actions and apply deterministic outcomes: allow, redact, hold for approval, or block.
ControlGate | Enterprise Product
Govern High-Risk AI Actions in Microsoft 365
ControlGate gives security and operations teams action-level governance for risky AI behavior, including hold/approve/reject workflows and evidence continuity across critical M365 pathways.
Policy-driven controls
Manual intervention workflow
Audit-ready evidence
Cloudflare-first target architecture
M365-native governance focus
Why Security Teams Choose ControlGate
Most tools stop at alerts. ControlGate is built for intervention outcomes that can be defended in internal governance reviews and external audit discussions.
Intervention Workflow
Manual reviewers can release or reject held actions with explicit notes and traceable decision records.
Evidence Continuity
Events, approvals, decisions, and audit entries remain linked for operational reviews and compliance evidence.
How ControlGate Works
A practical four-step operating model designed for enterprise governance with manageable operational overhead.
- 1) ConnectConnect M365 and native governance pathways.
- 2) GovernApply policy and risk scoring to actions in context.
- 3) InterveneHold, review, release, redact, or reject where needed.
- 4) EvidenceCapture action logs and audit trails for review and reporting.
Live UAT Proof
Manual Release Scenario
A risky Outlook flow was held as RequireApproval, then manually released by reviewer action with final action-log state set to RELEASED_APPROVED.
Approval workflow validated
Audit chain captured
Live UAT Proof
Manual Reject/Block Scenario
A high-risk Outlook-to-Copilot pattern was held for review and then rejected, producing a final blocked outcome with explicit resolution notes and audit events.
Reject path validated
Blocked outcome visible
Commercial Model
Enterprise-grade governance with clear tiering and optional autonomous protection add-ons where relevant.
Starter
Core governance baseline for human-risk controls and practical onboarding.
Pro
Expanded governance controls with optional autonomous AI guard coverage and advanced policy depth.
Enterprise / Enterprise Plus
Scale-oriented operation, deeper control surfaces, and premium governance/forensics pathways.
Frequently Asked Questions
How is ControlGate different from alert-only AI security tools?
ControlGate is designed around intervention outcomes, not just detection. It provides hold/review/release/reject workflows with action-level evidence continuity.
Can procurement teams review architecture and trust posture?
Yes. Use the Nexaris security and legal pages for architecture context, dependency transparency, and review pathways.
Does ControlGate support manual intervention evidence?
Yes. Approval outcomes and action logs remain linked and auditable, including release and reject decisions with notes.
What is the current runtime migration direction?
The architecture target is full Cloudflare runtime coverage with staged migration and rollback safeguards for ControlGate cutover.
Start Operational Evaluation
Use the live runtime for onboarding, policy setup, and UAT workflow execution.