Our mission
Kyvvu makes AI agents safe to run at scale. We believe autonomous AI agents will transform how organizations work — but only if every action they take stays within clear, verifiable boundaries. Whether those boundaries come from your own security requirements, industry regulation, or the EU AI Act, Kyvvu turns them into runtime guarantees. Security first; compliance follows for free.
What we do
Kyvvu is an Agent Security Kernel (ASK) — an in-process security layer that checks every action an agent takes, against the full path of the task so far, and allows, warns, or blocks it before it runs. The same idea SELinux applies to operating-system processes, applied to autonomous AI agents. It runs inside the agent’s own process — no proxy, no gateway, no data leaving your environment — and produces a tamper-evident record of every action and verdict as a by-product. It’s framework-agnostic and built on a formal, path-dependent policy model. The result: agents that are safe and compliant by construction, not by hope.
The pun is the brand: every agent has to ASK before it acts.
The key idea is that governance violations don’t live in individual actions. They live in paths. An agent reading a customer record is fine. An agent reading a customer record, then contacting an external system, then writing data back — that sequence may or may not be fine depending on context. Reviewing individual steps won’t surface the problem. You have to evaluate the whole workflow.
This approach — policies on paths — is documented in our research paper Runtime Governance for AI Agents: Policies on Paths, and informs every part of the platform.
The platform
We provide a production-ready stack built around three packages and one in-process engine:
kyvvuSDK (Apache 2.0) — translates agent events into atomic behaviours; manages registration, task lifecycle, the@kv.stepdecorator, and framework handlerskyvvu-engine(BSL 1.1, source-available) — evaluates policy against the full task history; stateful per task; zero I/O, pure CPU, in the agent’s own process; sub-millisecondallow/warn/blockdecisions- Kyvvu control plane (hosted or self-hosted) — policy storage, incident management, trace ingestion, dashboard, and reports
- Integration layer — Python decorator, LangChain and LangGraph handlers, Microsoft Copilot Studio and MS Agent SDK connectors, Claude Code, and a REST API / local engine for any other framework
- Policy library — version-controlled YAML manifests in your own git; OWASP agentic defaults plus AI Act / GDPR templates; extensible with your own rules
- Owned, tamper-evident audit trail — a hash-chained behavioural trace of every action and verdict, shipped to the SIEM you already run
The team
Kyvvu is a small, focused team with deep expertise in AI, enterprise software, and regulated industries.
Founders
Jeroen Ghijsen — Co-founder & CEO. Jeroen was previously CEO of Metrological, a software company serving operators globally, and has two decades of experience scaling enterprise technology businesses. He leads Kyvvu’s commercial strategy, partnerships, and go-to-market.
Maurits Kaptein — Co-founder & CTO. Maurits is Professor of Applied Causal Inference at Eindhoven University of Technology (TU/e), with over 100 peer-reviewed publications spanning statistical learning, causal inference, and AI systems. He previously co-founded Science Rockstars (PersuasionAPI) and Scailable B.V. (acquired by Network Optix in April 2025). He leads Kyvvu’s product and engineering.
Team and advisors
We work with a small team of senior engineers and a group of advisors covering enterprise delivery, AI regulation, and commercial strategy. We’re intentionally keeping headcount lean until our enterprise motion is at scale.
Our story
Kyvvu was founded in late 2025 on a specific observation: organizations are deploying AI agents at an accelerating pace, but the infrastructure to ensure those agents behave according to organizational policy — at runtime, not in a post-hoc report — simply doesn’t exist. Prompting isn’t enough. Permissioning isn’t enough. The missing layer is runtime enforcement.
The EU AI Act codifies much of this need, but compliance is only one outcome. The more fundamental outcome is being able to deploy agents with confidence — knowing that whatever path an agent takes, your rules will be enforced before, not after, the action.
Today, Kyvvu runs in production across regulated industries in the Netherlands, delivered through authorized partners. We’re backed by pre-seed funding.
Contact
Kyvvu is delivered through authorized partners. For end-customers, we offer a free, scoped proof-of-value in your own environment — no commercial commitment during the evaluation.
Commercial inquiries, proof-of-value requests, and partnerships: jeroen@kyvvu.com
Technical questions, integration, and research: maurits@kyvvu.com
Kyvvu BV Nijmegen, Netherlands Chamber of Commerce: 99594234
Want to go deeper? Read our book on AI agents at work, or our blog.