Policy Engine Overview
Overview
The Ascend Policy Engine is the core decision-making system that evaluates all AI agent actions and MCP tool calls against your organization's security policies. Operating with sub-200ms response times, the engine provides real-time governance decisions using comprehensive risk scoring across four categories: financial, data, security, and compliance.
The policy engine supports both structured policy definitions and natural language policy descriptions, enabling security teams to create and manage policies without deep technical expertise.
Key Capabilities
- Sub-200ms Evaluation: Real-time policy decisions for interactive AI workflows
- 4-Category Risk Scoring: Comprehensive assessment across financial, data, security, and compliance dimensions
- Natural Language Policies: Create policies using plain English descriptions
- Pattern Matching: Wildcard, regex, and exact match support for flexible policy rules
- Policy Caching: High-performance caching layer for repeated evaluations
- Conflict Detection: Automatic identification of conflicting policy rules
- Unified Engine: Single policy engine for both agent actions and MCP tool calls
- Audit Integration: Complete audit trail for all policy evaluations
How It Works
Policy Evaluation Architecture
┌─────────────────────────────────────────────────────────────────────────────┐
│ POLICY ENGINE ARCHITECTURE │
└─────────────────────────────────────────────────────────────────────────────┘
┌─────────────────┐
│ Action/Tool │
│ Request │
└────────┬────────┘
│
v
┌─────────────────────────────────────────────────────────────────────────────┐
│ POLICY EVALUATION ENGINE │
│ ┌─────────────────────────────────────────────────────────────────────┐ │
│ │ CACHE LAYER │ │
│ │ ┌───────────────────────────────────────────────────────────────┐ │ │
│ │ │ Cache Key: user_role:action_type:resource:namespace:env │ │ │
│ │ │ TTL: 300s (standard) / 60s (high-risk) │ │ │
│ │ └───────────────────────────────────────────────────────────────┘ │ │
│ └─────────────────────────────────────────────────────────────────────┘ │
│ │ │
│ ┌─────────┴─────────┐ │
│ │ Cache Miss │ │
│ └─────────┬─────────┘ │
│ │ │
│ ┌─────────────────────────────────┴────────────────────────────────────┐ │
│ │ POLICY MATCHING │ │
│ │ │ │
│ │ For each policy (ordered by priority DESC): │ │
│ │ 1. Match server/agent patterns │ │
│ │ 2. Match namespace patterns │ │
│ │ 3. Match action/verb patterns │ │
│ │ 4. Match resource patterns │ │
│ │ 5. Evaluate conditions (time, role, environment) │ │
│ │ 6. Check risk threshold │ │
│ │ → First matching policy wins │ │
│ │ │ │
│ └─────────────────────────────────┬────────────────────────────────────┘ │
│ │ │
│ ┌─────────────────────────────────┴────────────────────────────────────┐ │
│ │ RISK SCORING ENGINE │ │
│ │ │ │
│ │ ┌───────────────┐ ┌───────────────┐ ┌───────────────┐ ┌───────────┐ │ │
│ │ │ Financial │ │ Data │ │ Security │ │ Compliance│ │ │
│ │ │ (15%) │ │ (30%) │ │ (35%) │ │ (20%) │ │ │
│ │ └───────────────┘ └───────────────┘ └───────────────┘ └───────────┘ │ │
│ │ │ │ │
│ │ v │ │
│ │ ┌─────────────────────┐ │ │
│ │ │ Weighted Total Score│ │ │
│ │ │ (0-100) │ │ │
│ │ └─────────────────────┘ │ │
│ └─────────────────────────────────┬────────────────────────────────────┘ │
│ │ │
│ ┌─────────────────────────────────┴────────────────────────────────────┐ │
│ │ DECISION ENGINE │ │
│ │ │ │
│ │ Policy Decision Logic: │ │
│ │ 1. If matched policy = DENY → DENY │ │
│ │ 2. If risk >= 90 (critical) → ESCALATE │ │
│ │ 3. If risk >= 70 (high) → REQUIRE_APPROVAL │ │
│ │ 4. If matched policy = ALLOW (confidence > 0.8) → ALLOW │ │
│ │ 5. Default → REQUIRE_APPROVAL │ │
│ │ │ │
│ └─────────────────────────────────┬────────────────────────────────────┘ │
│ │ │
└─────────────────────────────────────────────────────────────────────────────┘
│
v
┌─────────────────┐
│ Decision │
│ ALLOW / DENY │
│ EVALUATE │
│ ESCALATE │
└─────────────────┘
Policy Decision Types
| Decision | Description | Next Step |
|---|---|---|
ALLOW | Action permitted | Execute immediately |
DENY | Action blocked | Reject with reason |
REQUIRE_APPROVAL | Needs human review | Route to approval workflow |
ESCALATE | Critical risk | Route to senior approvers |
CONDITIONAL | Additional conditions | Check conditions, then decide |
Risk Categories
| Category | Weight | Description | Scoring Factors |
|---|---|---|---|
| Security | 35% | Access and privilege risks | Credentials, admin actions, permissions |
| Data | 30% | Data sensitivity risks | PII, customer data, confidential info |
| Compliance | 20% | Regulatory risks | Audit requirements, policy violations |
| Financial | 15% | Business impact risks | Billing, payments, revenue data |
Risk Levels
| Score | Level | Approval Requirement |
|---|---|---|
| 90-100 | CRITICAL | Executive approval (L5) |
| 80-89 | HIGH | Senior manager (L3-L4) |
| 50-79 | MEDIUM | Manager approval (L2) |
| 25-49 | LOW | Peer review (L1) |
| 0-24 | MINIMAL | Auto-approve |
Configuration
Policy Schema
{
"policy_name": "string (required, unique)",
"natural_language_description": "string (optional, NL input)",
"policy_status": "draft | deployed | archived",
"is_active": "boolean",
"priority": "integer (1-1000, lower = higher priority)",
"resource_patterns": ["array of resource patterns"],
"namespace_patterns": ["array of namespace patterns"],
"verb_patterns": ["array of action/verb patterns"],
"conditions": {
"time_range": {"start_hour": 0, "end_hour": 23, "timezone": "UTC"},
"user_role": "role_name",
"environment": "production | staging | development"
},
"actions": "ALLOW | DENY | REQUIRE_APPROVAL | ESCALATE",
"action_params": {
"approval_level": "integer (1-5)",
"escalate_to": "team or user identifier",
"timeout_seconds": "integer",
"notification_channels": ["array of channels"]
},
"risk_threshold": "integer (0-100, policy applies above this)"
}
Environment Variables
# Policy engine configuration
POLICY_CACHE_TTL=300 # Cache TTL in seconds
POLICY_CACHE_HIGH_RISK_TTL=60 # TTL for high-risk evaluations
POLICY_DEFAULT_DECISION=REQUIRE_APPROVAL
POLICY_PERFORMANCE_TARGET_MS=200 # Target response time
Engine Options
| Option | Default | Description |
|---|---|---|
cache_ttl | 300 | Standard cache TTL (seconds) |
high_risk_cache_ttl | 60 | Cache TTL for high-risk (seconds) |
default_decision | REQUIRE_APPROVAL | Decision when no policy matches |
fail_closed | true | Deny on evaluation errors |
enable_nl_parsing | true | Enable natural language policy parsing |
Usage Examples
Create a Policy (Python SDK)
from ascend import AscendClient, PolicyDecision
client = AscendClient(api_key="your-api-key")
# Create a structured policy
policy = client.policies.create(
policy_name="production-database-protection",
description="Protect production database from write operations",
is_active=True,
priority=50,
# Match criteria
namespace_patterns=["database"],
verb_patterns=["insert", "update", "delete", "alter", "drop"],
resource_patterns=["production.*", "prod.*"],
# Conditions
conditions={
"environment": "production"
},
# Action
action=PolicyDecision.REQUIRE_APPROVAL,
action_params={
"approval_level": 3,
"timeout_seconds": 3600
}
)
print(f"Policy created: {policy.policy_name}")
Create Policy from Natural Language
from ascend import AscendClient
client = AscendClient(api_key="your-api-key")
# Create policy using natural language
policy = client.policies.create_from_nl(
policy_name="pii-data-protection",
natural_language_description="""
Block any agent from accessing or modifying
customer personal information in the production database.
This includes SSN, credit card numbers, and passwords.
Allow read-only access for compliance team members.
"""
)
# The NL parser extracts:
# - Decision: DENY (from "block")
# - Resources: PII indicators (SSN, credit card, passwords)
# - Namespace: database
# - Exceptions: compliance team for read access
print(f"Parsed policy: {policy.parsed_from_nl}")
print(f"Confidence: {policy.confidence}")
Create Policy (cURL)
curl -X POST https://api.ascend.security/api/policies \
-H "Authorization: Bearer YOUR_API_KEY" \
-H "Content-Type: application/json" \
-d '{
"policy_name": "after-hours-restriction",
"description": "Require approval for actions outside business hours",
"is_active": true,
"priority": 100,
"conditions": {
"time_range": {
"outside_hours": true,
"start_hour": 9,
"end_hour": 17,
"timezone": "America/New_York"
}
},
"actions": "REQUIRE_APPROVAL",
"action_params": {
"approval_level": 2,
"notification_channels": ["slack", "email"]
}
}'
Evaluate Action Against Policies
from ascend import AscendClient
client = AscendClient(api_key="your-api-key")
# Evaluate an action against all policies
result = client.policies.evaluate(
user_id="user-123",
user_email="analyst@company.com",
user_role="analyst",
action_type="database_query",
resource="production.customers",
namespace="database",
environment="production",
client_ip="192.168.1.100"
)
print(f"Decision: {result.decision}")
print(f"Risk Score: {result.risk_score.total_score}")
print(f"Risk Level: {result.risk_score.risk_level}")
print(f"Evaluation Time: {result.evaluation_time_ms}ms")
print(f"Cache Hit: {result.cache_hit}")
# Risk breakdown
for category, score in result.risk_score.category_scores.items():
print(f" {category}: {score}/100")
# Matched policies
for policy in result.matched_policies:
print(f" Matched: {policy.policy_name} ({policy.confidence})")
# Recommendations
for rec in result.recommendations:
print(f" {rec}")
List All Policies
curl -X GET https://api.ascend.security/api/policies \
-H "Authorization: Bearer YOUR_API_KEY"
# Response:
# {
# "success": true,
# "policies": [
# {
# "id": 1,
# "policy_name": "production-database-protection",
# "priority": 50,
# "is_active": true,
# "policy_status": "deployed",
# "created_at": "2026-01-20T10:00:00Z"
# }
# ],
# "total": 15
# }
Get Policy Statistics
from ascend import AscendClient
client = AscendClient(api_key="your-api-key")
stats = client.policies.get_statistics()
print(f"Total Policies: {stats.total_policies}")
print(f"Active Policies: {stats.active_policies}")
print(f"Deployed Policies: {stats.deployed_policies}")
print(f"Created Today: {stats.created_today}")
Get Engine Performance Metrics
from ascend import AscendClient
client = AscendClient(api_key="your-api-key")
metrics = client.policies.get_performance_metrics()
print(f"Total Evaluations: {metrics.total_evaluations}")
print(f"Avg Evaluation Time: {metrics.avg_evaluation_time_ms}ms")
print(f"Cache Hit Rate: {metrics.cache_hit_rate}%")
print(f"Performance Target Met: {metrics.performance_target_met}")
Clear Policy Cache
from ascend import AscendClient
client = AscendClient(api_key="your-api-key")
# Clear cache after policy changes
result = client.policies.clear_cache()
print(f"Entries Cleared: {result.entries_cleared}")
print(f"Previous Hit Rate: {result.cache_hit_rate_before_clear}")
Best Practices
Policy Naming Conventions
Format: {scope}-{resource}-{action}
Examples:
production-database-protectionpii-data-access-controlafter-hours-restrictionadmin-privilege-escalation
Priority Guidelines
| Priority | Use Case | Examples |
|---|---|---|
| 1-25 | Critical security | Block admin abuse, prevent data exfiltration |
| 26-50 | Compliance rules | PII protection, audit requirements |
| 51-75 | Business logic | Department restrictions, resource limits |
| 76-100 | Default behaviors | Standard approval workflows |
Policy Design Principles
- Specific Over General: Create targeted policies rather than catch-all rules
- Fail Closed: Default to REQUIRE_APPROVAL when uncertain
- Layered Defense: Multiple policies with different priorities
- Regular Review: Audit policies quarterly
- Test First: Use dry-run testing before deploying
Performance Optimization
- Use Caching: Enable caching for repeated evaluations
- Optimize Patterns: Simple patterns evaluate faster
- Limit Conditions: Fewer conditions = faster evaluation
- Priority Tuning: Place common-match policies higher in priority
- Monitor Metrics: Track evaluation times and adjust
Security Recommendations
- Audit Trail: Ensure all evaluations are logged
- Version Control: Track policy changes
- Separation of Duties: Different users create vs. deploy policies
- Regular Testing: Test policies with realistic scenarios
- Incident Response: Have policies for emergency situations
Related
- Policy Concepts - Core concepts explained
- Visual Policy Builder - UI-based policy creation
- Policy Templates - Pre-built policy templates
- Policy Testing - Dry-run and testing
- Risk Scoring - Risk calculation details
Compliance
The policy engine supports compliance with:
- SOC 2 CC6.1: Logical access controls
- SOC 2 CC6.2: Access authorization
- SOC 2 CC8.1: Change management for policies
- PCI-DSS 7.1/7.2: Access control systems
- NIST 800-53 AC-3: Access enforcement
- NIST 800-53 AC-6: Least privilege
- HIPAA 164.312: Access controls
- GDPR Article 25: Data protection by design