Live sandbox
Demo Corp · sandbox · live

Enforce, audit, trust.

A fully simulated control plane. Toggle policies, fire a live PR, export an evidence pack — nothing persists. Hit Start tour for the 90-second walkthrough.

4
Policies enforced
3
Decisions · blocked
2
Decisions · review/warn
1
Decisions · allowed
01 · Connections

GitHub orgs

SentrAI GitHub App · demo-org

Simulated install. In production, one click installs the App, posts a sentrai/policy check on every PR, and streams enforcement decisions into the audit log.

demo-org
organization · all repos · installed just now
active · sandbox
02 · Policies

Active rule set

5 policies · 4 enforced
P-001critical
Block AI in regulated repos

No Copilot, Cursor, Claude, or Codex changes in repos tagged hipaa, pci, sox.

trigger: ai_authored_regulated_pathscope: regulated/**action: blockSOC2:CC8.1HIPAA:164.312(b)PCI:6.5.3
P-002high
Restrict AI to approved teams

Only members of approved GitHub teams may push AI-assisted commits.

trigger: ai_authoredscope: *action: require_reviewSOC2:CC7.2
P-003high
Require evidence for large AI diffs

AI-assisted PRs over 400 LOC require explicit human sign-off + evidence pack.

trigger: large_ai_diffscope: *action: require_evidenceISO27001:A.14.2
P-004medium
Flag suspicious patterns

Off-hours commits, unusual cadence, or off-policy assistants.

trigger: ai_authoredscope: *action: warnSOC2:CC8.1
P-005medium
Approve assistant sources

Allowlist Copilot Business / Enterprise. Block unsupported AI sources org-wide.

trigger: ai_authoredscope: *action: blockEU-AI-Act:Art.14
03 · Live PR

Simulate a Copilot PR

demo-org/payments-core · PR #1107

AI-authored diff against a regulated repo. Watch SentrAI fire P-001, post a failing Check Run, and write a signed audit entry.

04 · Audit

Immutable decision log

7 entries · hash-chained
tsrepopolicydecisionactortagsevidence
11:56:00 PMdemo-org/payments-coreP-001block@dlinSOC2:CC8.1, PCI:6.5.3sha256:97bee16b478c68b1
11:51:00 PMdemo-org/api-gatewayP-004warn@kparkSOC2:CC8.1sha256:3ad19518aa56d782
11:46:00 PMdemo-org/marketing-siteP-002allow@saraSOC2:CC7.2sha256:85022fe463a9d78b
11:40:00 PMdemo-org/hipaa-recordsP-001block@bot-copilotHIPAA:164.312(b)sha256:82dd47799bf6221a
11:33:00 PMdemo-org/data-platformP-003review@mjonesISO27001:A.14.2sha256:b4139d7012c35b4a
11:27:00 PMdemo-org/billing-svcP-003evidence@dlinISO27001:A.14.2sha256:8b6fc7d8d3ed898a
11:19:00 PMdemo-org/infra-tfP-001block@kparkSOC2:CC8.1sha256:0f343362346795fa
05 · Evidence

Signed evidence pack

2026-Q2 evidence pack

Tamper-evident bundle: every decision, hashed and chained. CSV + JSON + signed manifest. Mapped to SOC 2 CC8.1, HIPAA 164.312(b), PCI 6.5.3, ISO 27001 A.14.2, EU AI Act Art. 14.

  • Append-only, content-addressed audit log
  • SHA-256 evidence hashes per decision
  • Signed manifest (Ed25519, per-tenant key)
  • Webhook + SIEM stream out of the box
preview · 2026-Q2-evidence.csvverified ✓
# SentrAI Evidence Pack — DEMO
# generated: 2026-07-13T14:01:48Z
# entries: 7
# signed_by: sentrai-demo-key
ts,repo,policy_id,decision,actor,evidence_hash
23:56:00,demo-org/payments-core,P-001,block,dlin,sha256:97bee16b478c68b…
23:51:00,demo-org/api-gateway,P-004,warn,kpark,sha256:3ad19518aa56d78…
23:46:00,demo-org/marketing-site,P-002,allow,sara,sha256:85022fe463a9d78…
23:40:00,demo-org/hipaa-records,P-001,block,bot-copilot,sha256:82dd47799bf6221…
23:33:00,demo-org/data-platform,P-003,review,mjones,sha256:b4139d7012c35b4…
…
06 · Real deployment

Past the sandbox? Let's talk.

We're onboarding a small cohort of design partners. 30-minute pilot, GitHub-only, your security team in the room.

00 · Welcome
You are the security lead at Demo Corp.

Copilot is shipping into 12 repos. Two are HIPAA-scoped. Your CISO wants written controls before next audit. SentrAI is your merge-time control plane — let's walk it.