AI can think whatever it wants. Nothing executes without approval.
MIG is the execution control layer between AI agents and real-world systems — industrial controllers, enterprise software, critical infrastructure. Every action validated before it runs. Fail-closed by default. No LLM in the decision loop.
Execution is the last unguarded boundary.
We've built guardrails around what AI can say. Almost nothing guards what AI — or anyone else on the network — can actually do.
Zero authentication
Modbus TCP — the protocol running much of the world's industrial equipment — dates to 1979 and has no security model. Any device on the network can command any controller.
Execution without validation
PLCs execute every command unconditionally. No authentication, no authorization, no content inspection. The controller can't tell an operator from an attacker — or from a confused AI agent.
Detection after damage
Today's security tools monitor and alert after execution. By the time the alert fires, the pump has oversped and the valve is open. Detection is not prevention.
Oldsmar, Florida (2021): a single remote command set sodium hydroxide dosing to 100x safe levels at a water treatment plant. The PLC executed it instantly. July 2025: an AI coding agent deleted a company's production database during an active code freeze. Different domains — same missing layer: nothing validated the action before it ran.
One governance engine. Two products. One services arm.
MIG is the core. Everything else we build sits on top of it — including our own automation platform.
MIG
The execution control engine. Sits between any command source and any target system, validating every action before it executes.
- 8-step validation pipeline
- Graph-based policy matching
- 0–100 continuous risk scoring
- ALLOW / DENY / APPROVAL verdicts
- Full forensic audit trail
Nova Launching Soon
A governed automation platform. AI agents plan and execute real tasks — and MIG validates every single action before it runs. Safety built in, not bolted on.
- Natural-language task automation
- Skill library, extensible via JSON
- MIG governance on every action
- Fail-closed on any error
- Complete audit log per task
Galatine Labs
Governed AI automation sprints for businesses. We build your automation on Nova, governed by MIG — the speed of AI agents without handing them the keys.
- Scoped 2–4 week engagements
- Policy design for your workflows
- Audit-ready from day one
Eight independent checks. Three possible verdicts.
Every command passes through the full pipeline. Every step is independent and traceable. Every decision is logged with its complete rationale.
PII Scan
Detect sensitive data in the payload
Action Classification
Infer intent: read, write, firmware, safety
Payload Inspection
Analyze content, sensitivity, destination
Policy Matching
Graph traversal with semantic embeddings
Mode Check
Validate against operational state
Zone Enforcement
IEC 62443 zone-conduit rules
Override Logic
Higher-risk checks supersede lower
Audit Trail
Full decision trace logged
ALLOW
The command matches policy and carries acceptable risk. It's forwarded to the target system and logged.
APPROVAL
The command is legitimate but sensitive. It's held in a queue until a human operator explicitly confirms it.
DENY
The command violates policy or exceeds risk thresholds. The target system never sees it. Full rationale logged.
Tested against a real PLC. Reported honestly.
MIG was validated against a live PLC and real Modbus TCP traffic in a simulated oil-processing plant environment (LabShock). Real controller, real protocol, simulated plant — here is exactly what happened.
These are results from our validation environment, not production deployments — and we say so, because the audit trail is the product. A 35-year OT/ICS veteran is currently setting up an independent cyber range to test MIG further. Independent results will be published here.
Detection tools watch. MIG decides.
| Claroty / Dragos | Microsoft AGT | MIG | |
|---|---|---|---|
| Approach | Monitor after execution | Check tool permissions | Validate before execution |
| Content inspection | No | No | Full payload analysis |
| PII detection | No | No | Yes |
| Risk scoring | Severity levels | Binary allow/deny | 0–100 continuous |
| Operator approval | No | No | 3-tier decisions |
| OT protocol support | Yes (passive) | No | Yes (active prevention) |
Complementary, not competitive. Detection platforms like Claroty and Dragos are excellent at what they do — visibility and threat detection across OT networks. MIG adds the layer they don't: an enforcement boundary that stops the dangerous command before it executes. You want both.
Built by someone who understands the machines.
Most security founders come from networking. I come from the machines themselves — pump curves, turbine dynamics, valve failure modes. When I read about the Oldsmar attack, I didn't see a network breach. I saw a dosing pump that should never have accepted that command.
I built the entire MIG stack solo — engine, API, dashboard, OT connector, playground. Two years of building. Zero funding. Family-supported. Still shipping every week.
The audit trail is the product, so honesty is the operating principle. MIG's limitations are documented as openly as its capabilities.
Watch MIG deny an attack in real time.
Private demos available for investors, pilot partners, and OT security teams. Or try the public playground right now — no signup.
neel@houseofgalatine.com