Newest First
Targets rebuilt. Anthropic adapter shipped.
Active red-team runtime. Strict deployment provenance.
Connect any agent endpoint and get a verdict in under 5 minutes. The full Connect → Run → Report loop covers instruction integrity, tool safety, data exposure, and access boundary. Includes the approval-workflow scenario pack (36 scenarios), tripwire detection, and a portable evidence trail per scenario.
Targets now have their own configuration, history, and evidence view. Click into any target to see what ran, what failed, and why. Tools, action policy, evidence mode, and scenario selection are all configurable per target.
Run the adversarial harness directly against Claude agents on the Anthropic Messages API. No proxy required.
Two entry points: Protect PRs or Observe Runtime. Pick one and the setup takes you the rest of the way. Back, forward, refresh, and deeplinks all work. Your draft survives a refresh.
PR Runs now shows verdict, deployment binding, and one-click access to the originating PR. Ask Kurral answers faster, cites the underlying scan and trace evidence, and keeps conversation history per case. Works as a natural Slack mention.
The first runtime that executes adversarial probes against a live agent endpoint, captures the trace, and feeds findings back into the scan pipeline. Includes GAP detection, which catches agents that pass surface checks but are exploitable through how they chain tool calls — the gap most prompt-injection attacks use.
Recorded validation lets you replay deterministic sessions against PR commits. Parent runs group multiple uploads from the same PR. The behavioral risk classifier routes low-risk PRs to fast scans and high-risk PRs to the strictest mode. A guided setup wizard wires GitHub, scan mode, baseline, and policy in one flow.
Every gate decision is now bound to the exact deployment revision the scan ran against. Gates reject decisions made against old code. What got tested has to match what shipped. Provenance shows up in the evidence pack so auditors can verify it directly.
Gate behavior in dev, staging, and production stays separate. Baselines, policies, and decisions are scoped per environment, and you can override the org default per repo. No config bleed between environments.
Reports now include scan provenance, decision rationale, and a per-finding evidence trail. The PDF is the artifact you hand to a security reviewer.
Install the Kurral GitHub App, connect a repo, and every PR that touches the agent gets a scan with a pass / warn / fail check posted natively to GitHub.
Define a baseline of expected agent behavior, a policy of what counts as pass / warn / fail, and get a versioned decision log per scan.
One-click export to portable JSON or PDF: decision, provenance, findings, and publication context. The artifact your customer's security team can read without an account.
Pass-through proxy for OpenAI, Anthropic, and Azure OpenAI. Captures provider-visible LLM messages, tool calls, retries, and latency without a single line of agent code change.
Setup guides, integration docs, and the proxy quickstart — all inside the dashboard. No context-switch to a separate site.
Unified observability and security platform built around agents as the core unit. OTLP ingest, an official Python SDK, and the Kurral Security Proxy that captures any agent's outbound traffic.
Animated replay of every step in a flagged scenario: user input, model plan, tool call, policy decision, outcome. Lets you reconstruct what the agent actually did, in order.
Security CLI and GitHub Action: run a Kurral scan from any GitHub workflow with a single action and fail the build on a critical finding.
Drop-in callbacks for LangChain and LangGraph that emit Kurral-native traces with tool calls, intermediate reasoning, and final outputs.
Metrics dashboard for scan volume, finding rates, latency, and cost across agents. API key management. Replay and determinism detection for recorded artifacts.
Bring an endpoint. Leave with a verdict, posture across four axes, and an evidence pack you can hand to a security reviewer.
Run an adversarial test →We use cookies to understand how Kurral is used and to remember your preferences. Details in the privacy policy.