Product alignment — which component ships in which product
Mapping the architecture to the three commercial products (Runtime / Control / Intelligence). Every component lives in one of these products. This is the investor / pricing / go-to-market view.
The three products from Strategy Memo v3 §11:
| Product | Buyer | Motion | Pricing | Status |
|---|---|---|---|---|
| Runtime (open-core) | Developer | Viral, pip install | Free forever | MCS Q2 2026 |
| Control (SaaS + on-prem) | CISO / Head of AI / GRC | Enterprise sale | Per governed agent / month | Q3-Q4 2026 |
| Intelligence (data moat) | Existing Control customer | Upsell | Telemetry volume bands | 2027 |
Component → product map
Runtime (open-core SDK + CLI + providers)
The free, viral, developer-installed product. Everything required to run a governed agent on a single machine without a server-side dashboard.
| Component | Why Runtime | Status |
|---|---|---|
| Compiled Policy schema | Canonical IR; ships with the SDK | concept (Q3) |
| Policy compiler | Compiles Compiled Policy from Policy + sandbox-spec; runs in Runtime mode against local Policy file | concept (Q3) |
| Cascade merger | Merges org/project/agent levels; degenerates to single-level for solo Runtime use | concept (Q3) |
| Live policy push channel | Listens for updates; works against either local Policy file or remote Control plane | concept (Q3) |
| Operator CLI `tappass` | Authoring + provisioning surface; works locally or against Control plane | concept (Q3) |
| Host runtime CLI `tappass-host` | Receives sync; applies layered config; launches agent | concept (Q3) |
| Agent client SDK `tappass-agent` | The library every agent imports | concept (Q3) |
| Upstream tool proxy / MCP forward | MCP-side enforcement; ships with Runtime | concept (Q3) |
| Resource access checker | Pipeline step; ships with Runtime | concept (Q3) |
| Runaway agent stopper | Pipeline step; ships with Runtime | concept (Q3) |
| Approved tool-server list | Per-org MCP registry; works in Runtime mode against local config | concept (Q3) |
| Kernel ring applier | OpenShell + Landlock + L7 network | partial (OpenShell shipped) |
| Harness ring applier | settings.json writer + per-runtime adapters | concept (Q3) |
| Interpreter ring applier | Monty / V8 / Wasmtime profiles | concept (Q4) |
| LLM gateway (cross-cutting) | OAI / Anthropic / MCP / LiteLLM | ✅ shipped |
| OpenShell sandbox + nono | Kernel-ring primitives | ✅ shipped |
| 32-step pipeline | Detection / capability tokens / audit | ✅ shipped |
| Hash-chain audit | Integrity verification | ✅ shipped |
| ES256 mandates | Per-allow signing | ✅ shipped |
| Authoring resolver (intent-to-policy) | Function/category/concern/capability collapse to pipeline | ✅ shipped on main |
Runtime promise: every part of governance up to and including local enforcement works without a Control plane. Rego policy file → 5 enforcement positions → agent runs.
Control (SaaS + on-prem dashboard)
The commercial product. CISO / GRC pays for it. Adds central authoring, multi-machine sync, audit dashboards, marketplace, compliance reports.
| Component | Why Control | Status |
|---|---|---|
| Onboarding wizard | Click-driven Policy authoring for non-engineers | concept (Q4) |
| EU AI Act compliance pack | Procurement-defensible; certified once, inherited | concept (Q3) |
| OWASP LLM Top 10 pack | Same | concept (Q3) |
| GDPR / PCI-DSS / HIPAA / NIS2 / DORA packs | Same | planned (2027) |
| Sandbox registry / state store | Multi-machine "where are my agents?" view | concept (Q3) |
| Reconciler | Drift detection across the fleet | concept (Q3) |
| Audit dashboard | Visual trace timelines, denial reasons, replay | concept (Q3) |
| Authoring UX (GitOps, simulation, shadow mode) | Strategy memo §09 vector 05 | concept (Q3-Q4) |
| Marketplace v1 (3 certified policy packs) | Switching-cost lock-in | concept (Q4) |
| Pre-deployment evaluator | Runs probe suite against agent before deploy; CI integration | concept (Q4) |
| OWASP LLM probe library | Probe content for the evaluator | concept (Q4) |
| SOC 2 Type 1 audit | Procurement filter for enterprise / EU buyers | calendar (Q3-Q4) |
| Public trust page | 0-training, residency, encryption, sub-processors | concept (Q3) |
Control promise: one Policy authored centrally, applied everywhere your agents run, audited in one dashboard, with auditor-ready compliance reports out of the box.
Intelligence (data-moat upsell)
The 2027 product. Cross-customer behavioral intelligence. Only valuable once Runtime + Control reach scale.
| Component | Why Intelligence | Status |
|---|---|---|
| Behavior drift monitor | Production behavior vs. baseline; cross-customer pattern detection | concept (Q4 single-tenant; Intelligence layer 2027) |
| Cross-customer anomaly detection | "Your agent is the only one in our network using this tool pattern" | planned (2027) |
| Industry benchmarks | "Peer fintechs deny this tool by default" | planned (2027) |
| MCP / skill vulnerability disclosure | Push policy update within minutes of disclosed flaw | planned (2027) |
| Behavioral baselines per industry | Compounding from telemetry scale | planned (2027) |
Intelligence promise: the security signal no single customer can build alone. The longer we run, the sharper our cross-customer signal becomes.
What this map enables
Pricing conversations
Runtime is free. Control is the pricing surface. Intelligence is upsell.
A buyer asking "what does this cost?" gets:
- Runtime: $0
- Control: per governed agent / month, tiered, on-prem surcharge
- Intelligence: telemetry-band add-on, opt-in, available 2027
Investor conversations
Three flywheels, one substrate:
```text
Runtime (free, viral)
  │
  │ every install = lead for Control
  │ every install = telemetry for Intelligence
  ▼
Control (per-agent SaaS)
  │
  │ scale enables
  ▼
Intelligence (cross-customer signal)
  │
  │ retention + pricing leverage
  ▼
compounding moat
```
Engineering prioritization
Within each product, what to ship first:
- Runtime Q2 2026 critical path = Compiled Policy + 2 providers across 2 rings + push/pull/reconcile + state store. The MCS. Nothing else gets prioritized over this.
- Control Q3-Q4 2026 critical path = Authoring UX + audit dashboard + SOC 2 Type 1 + 2 compliance packs.
- Intelligence 2027 = single-tenant drift first; cross-tenant after Q4.
Sales motion
| Buyer | First contact via | Conversion path |
|---|---|---|
| Solo developer | pip install tappass | → joins team → buys Control |
| Mid-market CTO | Compatibility matrix → Control trial | → SOC 2 close → Control contract |
| Enterprise CISO | Compliance pack → on-prem Control demo | → procurement → on-prem Control + Intelligence opt-in |
| Vendor (e.g. Collibra) | Reference architecture → Control resale / partnership | → vendor offers TapPass-governed runtime to their customers |
Pricing strategic principles
- Never gate core enforcement. Runtime ships every enforcement position; Control adds the operator/CISO experience.
- Open-core distribution flywheel. Free Runtime is what makes a paid Control competitor unable to catch up (no flywheel).
- Charge for outcomes, not features. Control's pricing is per-agent because that's what scales with customer value.
What this means for the roadmap
The three products give the roadmap a coherent strategic spine:
| Quarter | Product focus |
|---|---|
| Q2 2026 | Runtime MCS — the four-piece v1 deliverable |
| Q3 2026 | Runtime extended (more providers) + Control v1 (authoring, dashboard, SOC 2 prep) |
| Q4 2026 | Control v1 GA (compliance packs, marketplace, eval, drift) + MCP broker + chat-bot surfaces |
| Q1 2027 | Intelligence alpha + Federation + Compliance v2 |
See roadmap/2026-h2.md for week-level detail.
References
- Strategy Memo v3 §11 — Product shape
- Strategy Memo v3 §14 — Moats and defensibility
- `OVERVIEW.md` — three products in the 1-pager
- `COMPATIBILITY-MATRIX.md` — what each runtime delivers
- `concepts/minimum-credible-substrate.md` — what gates Runtime v1