Runtime Forensics

Runtime forensics is the AISecOps Interceptor v1.0.0 investigation layer for reconstructing how an agentic AI system reached a runtime decision. It connects agent identity, structured plan extraction, capability checks, policy enforcement, runtime budgets, execution outcomes, replay diff, and evidence export into replayable governance records.

What Runtime Forensics Means

AISecOps reconstructs agent execution history so security and platform teams can understand what happened, why it happened, which identity executed it, and which governance controls changed the outcome. The goal is not only observability; it is provenance-aware forensic reconstruction of autonomous runtime behavior across timeline, diff, summary, and graph views.

Why Logs Are Not Enough

Traditional logs are event records: they can show that a tool was called, that a request failed, or what a policy returned, but not how those facts combined into the final decision. AISecOps replay records are decision-chain evidence: they preserve the identity metadata, execution plan, capability result, policy result, governance result, and final runtime decision in a structured format that can be replayed through the API, the CLI, and the Replay Audit UI.

Replayable Audit Model

Prompt / Skill / Memory
        ↓
Execution Plan
        ↓
Capability Check
        ↓
Policy Enforcement
        ↓
Runtime Budgets
        ↓
Governance Result
        ↓
Approval / Block / Execute
        ↓
Structured JSONL Audit
        ↓
Replay Engine / Replay Diff / Evidence Export / Replay Audit UI

Each stage emits structured evidence that can be replayed without trusting the model to explain itself after the fact. The same evidence also supports execution graph reconstruction so investigators can see how instruction sources and runtime decisions connect over time.

Agent Identity Metadata

AISecOps v1.0 introduces agent identity as a first-class metadata field. A replay trace can record which agent, runtime, tenant, and policy context were active when the decision occurred.

Typical fields include:

Recording this context matters during incident response because governance failures often originate from missing identity metadata or an ambiguous runtime context rather than from the original user request.

Risk Explanation Engine

The risk explanation engine turns a blocked or modified execution into a human-readable governance result. It names which control produced that result (identity, capability, policy enforcement, budget, approval, or local enforcement mode) so a responder does not have to infer the cause from raw audit rows.
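The decision-chain reconstruction in the audit model above and the explanation step described here can be shown end to end in a few functions. The following is an added example written for this page, not AISecOps Interceptor code; the JSONL event schema (stage, seq, status, reason and the identity fields) and the sample rows are constructed assumptions, since the page does not show the real record layout. It orders rows by sequence rather than file position, keeps the last event per stage so a trace with several plan updates collapses correctly, checks identity metadata first, and cross-checks that the recorded governance outcome agrees with the stage that controlled it.

```python
import json

# Constructed sample audit lines for trace run-123 (illustrative, not real output).
# The policy row is written before the capability row on purpose: async flushing
# can reorder rows on disk, so replay must order by seq, not by file position.
SAMPLE_JSONL = "\n".join(json.dumps(e) for e in [
    {"trace_id": "run-123", "seq": 1, "stage": "identity",
     "agent_id": "agent-finance-01", "tenant_id": "acme-corp",
     "runtime_mode": "local_enforcement"},
    {"trace_id": "run-123", "seq": 2, "stage": "plan",
     "plan_id": "plan-8f42", "action": "send_email"},
    {"trace_id": "run-123", "seq": 4, "stage": "policy",
     "policy": "external_email_recipients", "status": "approval_required",
     "reason": "recipient_not_allowlisted"},
    {"trace_id": "run-123", "seq": 3, "stage": "capability",
     "capability": "cap_contract_review", "status": "allowed"},
    {"trace_id": "run-123", "seq": 5, "stage": "budget",
     "status": "within_budget", "tool_calls": 3, "limit": 10},
    {"trace_id": "run-123", "seq": 6, "stage": "governance",
     "outcome": "block",
     "explanation": "policy blocked outbound action before execution"},
    {"trace_id": "run-999", "seq": 1, "stage": "identity"},  # another trace, must be ignored
])

STAGE_ORDER = ["identity", "plan", "capability", "policy", "budget", "governance"]
IDENTITY_FIELDS = ("agent_id", "tenant_id", "runtime_mode")  # assumed field names


def load_trace(jsonl_text, trace_id):
    """Parse JSONL rows, keep one trace, and order by seq rather than file order."""
    events = []
    for line in jsonl_text.splitlines():
        if not line.strip():
            continue
        event = json.loads(line)
        if event.get("trace_id") == trace_id:
            events.append(event)
    return sorted(events, key=lambda e: e["seq"])


def reconstruct(events):
    """Collapse ordered events into one record per stage; the last event for a
    stage wins, since a trace may carry several plan updates or budget changes."""
    chain = {stage: None for stage in STAGE_ORDER}
    for event in events:
        if event.get("stage") in chain:
            chain[event["stage"]] = event
    return chain


def controlling_stage(chain):
    """Name the first stage whose result changed the outcome, in pipeline order.
    Missing identity metadata is checked first: it is itself a governance failure."""
    ident = chain["identity"] or {}
    missing = [f for f in IDENTITY_FIELDS if not ident.get(f)]
    if missing:
        return "identity", "missing identity metadata: " + ", ".join(missing)
    cap = chain["capability"]
    if cap and cap.get("status") != "allowed":
        return "capability", cap.get("reason", cap.get("status"))
    pol = chain["policy"]
    if pol and pol.get("status") == "approval_required":
        return "approval", pol.get("reason", "approval required")
    if pol and pol.get("status") not in (None, "allowed"):
        return "policy", pol.get("reason", pol.get("status"))
    bud = chain["budget"]
    if bud and bud.get("status") != "within_budget":
        return "budget", "%s of %s calls allowed" % (bud.get("tool_calls"), bud.get("limit"))
    return "none", "no governance control altered the plan"


def consistent(chain):
    """Cross-check: a controlling stage must pair with a block/approval outcome and
    an execute outcome must have none. A mismatch means the audit rows do not
    support the recorded decision and the trace needs a closer look."""
    outcome = (chain["governance"] or {}).get("outcome")
    stage, _ = controlling_stage(chain)
    if stage == "none":
        return outcome == "execute"
    return outcome in ("block", "approval")


def explain(chain):
    """Human-readable governance result built only from audit facts."""
    ident = chain["identity"] or {}
    gov = chain["governance"] or {}
    stage, reason = controlling_stage(chain)
    return ("outcome=%s agent=%s tenant=%s mode=%s control=%s reason=%s consistent=%s"
            % (gov.get("outcome", "unknown"), ident.get("agent_id", "?"),
               ident.get("tenant_id", "?"), ident.get("runtime_mode", "?"),
               stage, reason, consistent(chain)))


if __name__ == "__main__":
    print(explain(reconstruct(load_trace(SAMPLE_JSONL, "run-123"))))
```

The consistency check is the part worth keeping in a real replay engine: an explanation that is derived from the audit rows, and then compared against the outcome the runtime claims to have reached, catches the case where the rows and the decision disagree, which is exactly the situation a model-generated justification would paper over.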

Replay CLI

The replay workflow starts from a trace identifier and the JSONL audit file produced by the runtime governance layer.

aisecops-replay --trace-id run-123 --audit-file audit/events.jsonl --diff --evidence

The same trace can also be reviewed through the Replay API and Replay Audit UI, which expose timeline views, provenance badges, decision summaries, replay diff, and execution graph reconstruction for analysts.

Evidence Package Workflow

trace_id: run-123
provenance:
  agent_id: agent-finance-01
  tenant_id: acme-corp
  runtime_mode: local_enforcement
execution_plan_id: plan-8f42
capability_result:
  capability: cap_contract_review
  status: allowed
policy_result:
  policy: external_email_recipients
  status: approval_required
  reason: recipient_not_allowlisted
governance_result:
  outcome: block
  explanation: policy blocked outbound action before execution
evidence_package:
  replay_diff: replay-diff.json
  compliance_export: evidence-bundle.zip
  audit_log: audit/events.jsonl

The output is designed for investigation workflows, not model-generated justification. It gives responders the runtime facts needed to reconstruct the decision boundary, and the Replay Audit UI can render the same trace as a timeline, replay diff, and execution graph.
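An evidence package that is handed to responders or auditors should be tamper-evident, otherwise the "runtime facts" it carries are only as trustworthy as whoever last touched the zip. The following is an added example, not the project's evidence export: it builds a bundle with the layout shown above (this trace's audit rows, a replay summary, a replay diff) plus a SHA-256 manifest, and verifies it. The inputs are constructed and the manifest format is an assumption.

```python
import hashlib
import io
import json
import zipfile

# Constructed inputs: two audit rows for run-123 plus one from another trace,
# a replay summary and a replay diff (record shapes are assumed for illustration).
AUDIT_LINES = [
    json.dumps({"trace_id": "run-123", "seq": 1, "stage": "identity",
                "agent_id": "agent-finance-01", "tenant_id": "acme-corp"}),
    json.dumps({"trace_id": "run-777", "seq": 1, "stage": "identity",
                "agent_id": "agent-hr-02", "tenant_id": "acme-corp"}),
    json.dumps({"trace_id": "run-123", "seq": 2, "stage": "governance",
                "outcome": "block"}),
]
SUMMARY = {"trace_id": "run-123", "governance_result": {"outcome": "block"}}
DIFF = [{"stage": "policy", "field": "status",
         "before": "allowed", "after": "approval_required"}]


def build_bundle(trace_id, audit_lines, summary, diff):
    """Return zip bytes holding this trace's audit rows, summary, diff and a
    SHA-256 manifest. Rows from other traces are excluded so the bundle can be
    shared without leaking unrelated tenants' activity."""
    trace_rows = [l for l in audit_lines if json.loads(l).get("trace_id") == trace_id]
    files = {
        "audit/events.jsonl": ("\n".join(trace_rows) + "\n").encode(),
        "replay-summary.json": json.dumps(summary, sort_keys=True, indent=2).encode(),
        "replay-diff.json": json.dumps(diff, sort_keys=True, indent=2).encode(),
    }
    manifest = {"trace_id": trace_id,
                "sha256": {name: hashlib.sha256(data).hexdigest()
                           for name, data in files.items()}}
    buf = io.BytesIO()
    with zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as zf:
        for name, data in files.items():
            zf.writestr(name, data)
        zf.writestr("manifest.json", json.dumps(manifest, sort_keys=True, indent=2))
    return buf.getvalue()


def verify_bundle(zip_bytes):
    """Recompute every hash in manifest.json. Returns (ok, problems) where
    problems lists members that are missing, altered, or present but unlisted."""
    problems = []
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        manifest = json.loads(zf.read("manifest.json"))
        names = set(zf.namelist()) - {"manifest.json"}
        for name, digest in manifest["sha256"].items():
            if name not in names:
                problems.append("missing:" + name)
            elif hashlib.sha256(zf.read(name)).hexdigest() != digest:
                problems.append("altered:" + name)
        for name in sorted(names - set(manifest["sha256"])):
            problems.append("unlisted:" + name)
    return (not problems), problems


def read_member(zip_bytes, name):
    """Read one member of the bundle."""
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as zf:
        return zf.read(name)


def replace_member(zip_bytes, name, data):
    """Rewrite or add one member; used here only to simulate post-export tampering."""
    buf = io.BytesIO()
    with zipfile.ZipFile(io.BytesIO(zip_bytes)) as src, \
            zipfile.ZipFile(buf, "w", zipfile.ZIP_DEFLATED) as dst:
        members = src.namelist()
        for member in members:
            dst.writestr(member, data if member == name else src.read(member))
        if name not in members:
            dst.writestr(name, data)
    return buf.getvalue()
```

A manifest stored inside the bundle only detects modification by someone who did not also rewrite the manifest. For evidence that must hold up against a party with write access to the export, sign the manifest with a key the export pipeline controls, or record the manifest digest out of band (ticket, SIEM, write-once store) at export time.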

Execution Graph Reconstruction

Timeline replay answers what happened in order. Execution graphs answer how the decision chain connected. AISecOps reconstructs graph structure from runtime events so investigators can see how identity, plan extraction, capability validation, policy enforcement, runtime budgets, runtime controls, and evidence export relate.

This is especially useful when a single trace includes multiple plan updates, runtime budget changes, or governance modifications that alter the eventual execution path. The graph view turns raw audit rows into causal structure.
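The replay diff mentioned under the CLI and the execution graph described here can both be derived from the same event list. The following is an added example written for this page, not the project's replay engine or graph builder; the `caused_by` link field, the event ids and the two constructed traces are assumptions, because the page states that the graph is reconstructed from runtime events without showing the event schema. The trace carries two versions of the same plan and a budget change, which is the case the text calls out; the second trace is the same plan replayed after the tenant budget was raised.

```python
# Constructed trace run-123 with two plan versions and a budget result.
# "caused_by" is an assumed link field naming the events that led to this one.
TRACE = [
    {"id": "e1", "stage": "identity", "agent_id": "agent-finance-01", "caused_by": []},
    {"id": "e2", "stage": "plan", "plan_id": "plan-8f42", "version": 1,
     "action": "send_email", "recipients": 3, "caused_by": ["e1"]},
    {"id": "e3", "stage": "capability", "capability": "cap_contract_review",
     "status": "allowed", "caused_by": ["e2"]},
    {"id": "e4", "stage": "plan", "plan_id": "plan-8f42", "version": 2,
     "action": "send_email", "recipients": 40, "caused_by": ["e2"]},
    {"id": "e5", "stage": "budget", "status": "exceeded", "limit": 25,
     "requested": 40, "caused_by": ["e4"]},
    {"id": "e6", "stage": "governance", "outcome": "block", "caused_by": ["e3", "e5"]},
]

# Same plan replayed after the budget limit was raised (constructed).
TRACE_AFTER = [dict(e) for e in TRACE]
TRACE_AFTER[4] = {"id": "e5", "stage": "budget", "status": "within_budget",
                  "limit": 50, "requested": 40, "caused_by": ["e4"]}
TRACE_AFTER[5] = {"id": "e6", "stage": "governance", "outcome": "execute",
                  "caused_by": ["e3", "e5"]}

STAGE_ORDER = ["identity", "plan", "capability", "policy", "budget", "governance"]
LINK_KEYS = ("id", "caused_by")


def build_graph(events):
    """Return (edges, dangling). edges are (parent_id, child_id) pairs; dangling
    lists links to events that are absent from the audit, i.e. a gap in the
    evidence rather than a genuine root of the chain."""
    known = {e["id"] for e in events}
    edges, dangling = [], []
    for e in events:
        for parent in e.get("caused_by", []):
            (edges if parent in known else dangling).append((parent, e["id"]))
    return edges, dangling


def causal_ancestors(events, event_id):
    """Walk caused_by links backwards from one event (usually the governance
    result) and return the ids that contributed to it, in trace order."""
    by_id = {e["id"]: e for e in events}
    seen, stack = set(), [event_id]
    while stack:
        cur = stack.pop()
        for parent in by_id.get(cur, {}).get("caused_by", []):
            if parent not in seen and parent in by_id:
                seen.add(parent)
                stack.append(parent)
    return [e["id"] for e in events if e["id"] in seen]


def last_per_stage(events):
    """Final result of each stage; later plan updates or budget changes replace earlier ones."""
    result = {}
    for e in events:
        result[e["stage"]] = e
    return result


def replay_diff(before, after):
    """Field-level diff of the final result of each stage between two replays.
    Link fields are ignored so only decision-relevant differences are reported."""
    a, b = last_per_stage(before), last_per_stage(after)
    diff = []
    for stage in STAGE_ORDER:
        ea, eb = a.get(stage, {}), b.get(stage, {})
        for field in sorted((set(ea) | set(eb)) - set(LINK_KEYS)):
            if ea.get(field) != eb.get(field):
                diff.append({"stage": stage, "field": field,
                             "before": ea.get(field), "after": eb.get(field)})
    return diff


if __name__ == "__main__":
    print(build_graph(TRACE))
    print(causal_ancestors(TRACE, "e6"))
    print(replay_diff(TRACE, TRACE_AFTER))
```

Two details matter for investigations. First, `causal_ancestors` answers "which plan version actually drove the block": here both plan versions are ancestors of the governance result because the budget check was evaluated against version 2, and a graph view makes that visible where a flat timeline does not. Second, a dangling link is reported separately instead of being silently dropped, because an event that references a parent missing from the audit file usually means rows were lost or filtered, and that is a finding in its own right.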

Enterprise Use Cases

Current Limits

Roadmap