FAQ
Yeah, but what about—
We thought of that. And that. And that other thing.
General
What is KAiZAI?
A governance layer between AI agents and your enterprise. Every agent authenticates through your IDP, deploys through your endpoint pipeline, and logs to your SIEM. You don't learn a new stack. Your users get sanctioned AI instead of the one on their personal account.
What problem does it solve?
Shadow AI. The sequel to Shadow IT, running on Claude Desktop, ChatGPT, and Cursor. People are already using it against corporate data with credentials you never issued. KAiZAI is the sanctioned path so you don't have to block the category.
What's MCP?
Model Context Protocol. An open spec for how AI models talk to external tools. KAiZAI runs a managed MCP server so every tool call goes through one governed endpoint.
Which models work?
Any MCP-compatible client. Anthropic Claude, OpenAI, Google Gemini, and open source. For clients that don't yet speak MCP natively, there's a lightweight proxy.
Do we have to rewrite our agents?
No. KAiZAI hands you a small MCP config snippet plus a step-by-step runbook for your endpoint pipeline. The agent reads the config, OAuth signs the user into your tenant on first tool use, and you're done.
Deployment & IT integration
How does it deploy?
Through your existing endpoint pipeline. Intune, SCCM, Tanium, Jamf, whichever you run. Auth through your IDP. Logs to your SIEM. Nothing new to stand up. You can also deploy packages manually if you like.
Which IDPs work?
Any SAML 2.0 or OIDC provider. Okta, Entra ID, Ping, Auth0, Google Workspace, OneLogin.
How does RBAC work?
IDP groups are the policy. They sync automatically. Scope goes down to function level per service (read, write, destructive). No IDP? Manual assignment is available.
Can we self-host?
Maybe. Send us an email and we'll set up a time to discuss your needs.
Security
Who's responsible for what an agent does?
The agent acts on behalf of an authenticated user. KAiZAI makes every action attributable and reconstructable. The log answers who, what, when, and through which tool, so you're not trying to piece together an incident from memory.
How do you prevent credential sprawl?
Your org keeps the service credentials. Agents get scoped, identity-bound access through KAiZAI. Credentials never end up in a prompt or an agent config.
What about prompt injection?
The managed MCP server applies input and output checks at the proxy layer, independent of the client. Known injection patterns are blocked and logged before they reach downstream services.
Are you SOC 2, FedRAMP, or HIPAA certified?
No. We're not claiming any compliance certifications today. If procurement needs paperwork, talk to us about what you need before you decide.
Services
What services does it support?
The catalog grows constantly. Today it includes Microsoft 365, Google Workspace, GitHub, Atlassian (Jira, Confluence, Bitbucket), Slack, Discord, Notion, Stripe, Sumo Logic, and Digits. New services ship in regularly and appear across every customer tenant automatically. Don't see what you need? Let us know and it goes on the roadmap.
What are central agents?
Always-on integrations like Slack and Discord. Admins configure them once, they operate inside the same RBAC as individual use, and every action is logged.
Pricing
How is it priced?
Standard is $10 per user per month. All features are included; we cap how many services and central agents you can connect at this tier. A Pro tier with unlimited services and central agents is coming soon.
Is there a trial?
Yes. We offer a 7-day free trial of our Standard plan for up to ten users. A credit card is required to start the free trial, but we will never engage in deceitful auto-subscription practices. If you run out of your trial before hitting the subscribe button, no prob. Your tenant will still be waiting for you when you purchase your seat.
What counts as a seat?
One seat is one IDP-bound identity. Human users, one each. First-tool OAuth binds the agent session to the identity, and device fingerprinting plus concurrent-session detection make a seat hard to share.
Is enterprise support available?
Coming soon. We'll publish pricing and SLA terms when it launches.