/ ARC
Live demo →
Bendex Geometry LLC
Bendex Arc Platform
Runtime governance
for autonomous
AI systems.

The control plane between intelligent systems and real-world actions.

Trust boundaries. Capability enforcement. Session observability. Human-in-the-loop approvals. One platform.

Get started — $29/mo Live demo → GitHub →
25/25
TAB Platform — independent verification
100%
AgentDojo — unsafe action prevention
99%
InjecAgent — blind test TPR
206ms
Median overhead
Bendex Arc Platform

Everything your agents need to operate safely.

Five integrated modules covering enforcement, detection, observability, approval, and memory integrity. One platform, one subscription.

Enforcement layer

Arc Gate

OpenAI-compatible proxy. Enforces trust boundaries at the API level. Source-aware authority, capability revocation, policy templates. One URL change to integrate.

Detection layer

Arc Sentry

Self-hosted whitebox detection for local models. Reads the residual stream before generate() is called. Catches multi-turn attacks LLM Guard misses. Also available free and open source.

Observability layer

Arc Replay

Full session replay and trace explorer. See exactly what happened, which layer fired, and why. Every blocked request, every capability revocation, every session trajectory.

Approval layer

Arc Approve

Human-in-the-loop approvals before high-risk tool calls. Pause before state-mutating actions — send_money, delete_file, send_email. Slack-native. Never auto-approves.

Memory layer

Arc Memory

Memory integrity monitoring across multi-turn sessions. Detects identity drift, contradictions, and forgotten facts using geometric behavioral tracking. Catches manipulation before it compounds.

What it looks like

The model never gets the chance to act.

When a webpage, email, or document tries to issue instructions to your agent, Arc Gate intercepts it before the model processes it.

[authority_sm]source=webpage   authority=10/100
[authority_sm]instruction attempt detected
[proxy]capabilities revoked — tool_calls=false
[proxy]request blocked — upstream never called
[assistant]I can summarize the content, but I cannot follow embedded instructions from untrusted sources.

The upstream LLM never sees the malicious instruction. The agent continues safely.

Try the red team environment →

How it's different

Every other tool classifies prompts.
Bendex Arc enforces runtime behavior.

The question isn't "does this look dangerous?" It's "is this source allowed to issue instructions at all?" That's a different question with a different answer.

Bendex Arc Lakera Guard LLM Guard OpenAI Mod.
Classifies prompts
Source-aware authority
Capability revocation
Session state tracking
Graceful degradation
Session replay traces
MCP governance
Human-in-the-loop approvals
Memory integrity monitoring
Benchmarks

Tested blind. Results published.

All benchmarks run against datasets Bendex Arc had never seen. Full harness public and reproducible.

25/25
Independent verification by TAB Platform (tabverified.ai)
"Arc Gate blocked 100% of attack payloads across three consecutive runs. The same model without Arc Gate passed only 76–80% of tests, failing 5–6 attack payloads per run." — TAB Platform, May 2026
100%
AgentDojo v1
ETH Zurich, ICLR 2024. 54 agentic tool poisoning attacks across banking, Slack, travel, and workspace suites. 0% false positives on benign workflows.
99%
InjecAgent
University of Illinois, ACL 2024. 200 blind test cases covering direct harm and data exfiltration across 17 user tools. Never seen these payloads before.
4/4
Multi-turn escalation
Session state governance across fresh sessions, after authority probing, after legitimate history, and split injection across turns. 0 false positives.

Full benchmark harness: github.com/9hannahnine-jpg/arc-gate-benchmark  ·  Known limitations documented at GitHub

Pricing

Free to start.

Try the full platform before committing. No credit card for the free tier.

Get started
Free
$0 forever
No credit card required
  • 500 requests via demo key
  • Arc Gate proxy access
  • Arc Replay session explorer
  • Live red team environment
  • Community support
Get started free →
Production
Bendex Arc
$29/month
Full platform · Unlimited requests
  • Arc Gate — enforcement proxy
  • Arc Sentry — self-hosted detection
  • Arc Replay — session observability
  • Arc Approve — human-in-the-loop
  • Arc Memory — integrity monitoring
  • Arc MCP — MCP governance
  • Policy templates
  • Bendex Arc Console
  • Email support
Get started →

Also available: Arc Sentry standalone, free and open source for self-hosted deployments.

Foundation

Built on published research.

Bendex Arc is grounded in a geometric framework published in five open-access papers on the Fisher information manifold (H² × H²). The behavioral trajectory monitoring, session drift detection, and memory integrity layers emerge directly from this theoretical foundation.

View papers on Figshare →