Category guide
AI Software Delivery Control
What the category means in practical terms: visibility, control, and evidence for AI-assisted engineering actions.
Resources
Practical answers for securing AI-assisted software delivery.
A working guide for AppSec, platform, DevSecOps, and security leadership teams mapping where AI-assisted workflows can act, which authority they rely on, and what evidence is useful for review, audit, and customer trust.
Category
The language for the control problem.
Artifact
Agent Action BOM
A buyer-readable map of actor, owner, repo, workflow, credential, reachable action, target, approval rule, and evidence coverage.
System object
Action-Control Graph
The living map behind the BOM: owner, workflow, task, tool, credential, action, target, approval, policy, and evidence.
Guides
Where AI-assisted delivery risk shows up.
Security guide
AI Coding Agent Security
How to secure AI coding agents without turning every prompt or edit into a security gate.
CI/CD
AI Agents in CI/CD
How to govern PR-linked agent work, workflow files, CI jobs, credentials, package publishing, and release paths.
Identity
AI Coding Tools and Non-Human Identities
Why identity inventory is necessary but not enough when AI-assisted workflows can use credentials to change systems.
Assessment
What to expect from the first Clyra engagement.
First offer
AI-Assisted Software Delivery Assessment
What a focused Clyra assessment covers, what the buyer gets, and when the first offer is a fit.