Every tenant, isolated
Each client is its own tenant. Policy, data, and Evidence stay walled off. You move between clients from one login.
For MSPs and MSSPs
Resell AI governance to your clients.
One multi-tenant console. Every client. Your margin.
Ahead of the EU AI Act.
Your clients adopt AI faster than they can govern it. You are the one they trust to run their stack. Now you run their AI too. See every tool, govern every call, and hand them audit-ready Evidence before December 2026.
- No proxy
- ·
- No MITM cert
- ·
- No network change
- ·
- MDM‑ready
Your console
4 clients · 312 seats
- Apex Health Group84 seatsGoverned
- Northwind Legal120 seatsGoverned
- Cedar Dental Partners46 seatsReview
- Vela Logistics62 seatsGoverned
EU AI Act Art. 26Evidence Pack ready
Why your clients need you now
Every client you manage is running AI you can't see.
Shadow AI is already inside every book of business you run. The tools show up faster than any client can write a policy for them, and your clients are accountable for AI they can't see. The EU AI Act puts a date on it: December 2026. You are the one who can govern it for them, across every tenant, from one screen.
27 tools
Active AI tools in a typical 50-person client
80%
Employees using AI without IT approval
$670K
Breach premium when Shadow AI is involved
60%
Organizations that already had an AI data exposure
The multi-tenant console
One console. Every client. One login.
Roll up every client into one console. Each one is an isolated tenant with its own policy and its own Evidence. Govern the whole book without juggling logins or spreadsheets.
Govern once, apply per client
Set a baseline policy across your book. Tighten it per client. Watch discovery, redaction, and blocking for all of them on one screen.
Onboard in minutes, offboard in one click
Stand up a new client tenant in minutes. SCIM-aware offboarding tears it down cleanly the day an engagement ends.
What you resell
Two products. One platform. Your markup.
You set the client price. You keep the margin. Buy Sentinel for a client and Evidence ships with it, so the audit deliverable is ready from day one.
Per-seat · SecOps
Northbeams Sentinel
Discovery, public redaction, and real-time governance across browser, desktop, CLI, and MCP. The MCP Gateway enforces allow, warn, or block per tool. You deploy it across every client fleet.
- On-device prompt classifier
- MCP Gateway with per-tool policy
- Daily new-tool detection per client
Annual · GRC
Northbeams Evidence
Signed Evidence Packs for ISO 42001, EU AI Act Article 26, NIST AI RMF, and SOC 2 readiness. The compliance deliverable your clients ask for before December 2026. Ships with every Sentinel subscription.
- Four frameworks, one signed PDF
- Auditor-verifiable signature
- A per-client Pack from day one
Evidence Packs are accepted by ISO 42001, SOC 2, NIST AI RMF, and EU AI Act auditors as part of your client's evidence library. They are not the audit itself. Your client still engages a certified auditor.
The AI System of Record
Roll it out to every client. Touch zero networks.
One platform. Two products. Browser, desktop, CLI, MCP. The same architecture deploys to one client or two hundred, with nothing to stand up inside a client network.
No network change
No proxy. No MITM cert. No DNS rewrite. No on-prem appliance at any client site.
On-device classification
The classifier runs on the endpoint. The original prompt text never leaves the device.
MDM and RMM ready
Signed .pkg and .msi installers push silently through the MDM or RMM you already run.
Four surfaces, one dashboard
Browser, desktop, CLI, MCP. Every signal from every client rolls up to one console.
Design partner program
Be one of our first MSP partners.
We're signing a small group of MSP and MSSP design partners now. You get protected margin, a direct line to our team, and a console roadmap you help shape. Get your clients EU AI Act-ready before the December 2026 deadline.
We work with every design partner directly. The cohort is small on purpose.
Design‑partner margin · Deal registration · EU AI Act‑ready · No network change