Trust & security

Hand over the work, not the control.

Understudy lets an agent act inside your systems without becoming a black box. Here's exactly how — in plain terms, the same answer for your security team and for your people.

How it's built

A human owns every agent

Each agent has a named, accountable owner. In supervised phases they approve outbound actions before anything leaves — and can pause or stop it instantly.

Least-privilege access

The agent gets its own identity with only the entitlements its role needs — never shared credentials, never broader than the job. Revoke any time.

Every action is logged

A complete, attributable audit trail of every draft, decision, and action — reviewable by you and retained on your terms.

It says it's an AI

The agent identifies itself. No impersonating a person — not internally, not to your customers.

Your data isn't training data

We never train shared or foundation models on your data. It's used only to do the work, for you.

Stays in your boundary

It runs against your systems with your controls and data-residency rules. Where you need it, it deploys inside your environment.

Writes are earned, not granted

Read-only by default. The agent earns write access one tool at a time, and irreversible or high-impact actions always require a human's approval.

Reversible by design

Roll out gradually, move work back to people whenever you want, and removing the agent and its data is a clean, supported step.

The same controls that keep it safe are the ones that keep a human in charge. That's not a trade-off — it's the design.

Security review coming up?

We'll answer plainly.

Send your questionnaire or your hardest question — and we'll tell you straight what we do, and what we don't do yet.

hello@understudy.team