Why Starfort exists
TODO — describe the three risk tiers (security, regulatory, quality) and how Starfort gives each to the right team.
The risk hierarchy
| Priority | Risk type | Example threats | Posture |
|---|---|---|---|
| 1 | AI security | PII leakage, confidential data exposure, jailbreak, prompt injection | Centrally enforced — non-negotiable |
| 2 | AI regulatory | National AI laws, domain regulation (finance, healthcare), internal policy | Compliance required — central guidance + domain-specific application |
| 3 | AI service quality | Hallucination, UX degradation | Continuous tuning — autonomous per service |
Organizational model
TODO — describe Security team / AI Governance team / Service dev team roles (RACI matrix from PRD §2.3).