Tags: vendors, partners, guest-role, scoped-access, vendor-network

How do I let vendors and partners into my AI safely?

Guest-tier roles plus a scoped subset of the graph. bRRAIn's 7th tier ("Guest") sees only what you publish for them. The Vendor Network ties external partners into your knowledge graph without blanket access.

Guest is a real role, not an exception

Vendor and partner access is usually a bolted-on exception to an internal-only system — and exceptions are where leaks happen. bRRAIn treats guest access as a first-class role. The Control Plane 7-tier hierarchy explicitly includes Guest as tier 7, with its own default policies, audit tags, and lifecycle rules. Guests do not inherit any permissions by default; they see only what is published to them. Making Guest a real tier rather than a workaround is what keeps vendor collaboration safe at scale.

Scoped graph subsets per partner

Different partners need different slices of your knowledge graph. A shipping carrier needs address and SKU data; a tax advisor needs contract terms and revenue data; a pen-test firm needs architecture documentation. bRRAIn's Workspaces let you publish partner-specific subsets — a carefully curated slice of the Vault rendered as a read-only guest workspace. The Memory Engine answers partner queries from that subset only; nothing outside it is queryable. Each partner gets exactly the scope they need, and no more.

Time-boxed access by default

Partner engagements end. Access that persists past the engagement is a recurring cause of vendor-related breaches. bRRAIn's Control Plane supports time-boxed role grants: every guest tier assignment carries an expiry date, and the Security Policy Engine revokes access automatically when it is reached. Renewal requires a deliberate approval, logged for audit. This flips the default: partner access is temporary unless explicitly extended, instead of permanent unless someone remembers to revoke it.

Every partner action is tagged and audited

Partner activity needs to be distinguishable from internal activity in the audit stream. bRRAIn tags guest-role queries, retrievals, and tool calls distinctly in the Security Policy Engine logs. Security teams can run reports like "show me all actions taken by partners last month, grouped by partner and workspace." When a question arises — did the carrier ever look up customer PII — the answer is a query, not an investigation. That audit granularity is what makes partner access approvable by risk committees.

Vendor network as a connected but bounded graph

Large enterprises often run ecosystems of partners — dozens of vendors, multiple tiers of suppliers. bRRAIn supports a Vendor Network pattern where external partners connect into their own scoped slice without ever seeing each other. Partner A cannot see Partner B's activity or data; the Vault isolation holds across guest tenants. The MCP Gateway restricts what tools each partner can invoke and rate-limits per partner. The result is a partner network that shares enough to collaborate without collapsing into a single trust boundary.
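The four mechanisms described above (a per-partner read-only subset, expiry enforced on every decision, a per-partner tool allowlist with a rate limit, and audit events that carry a guest tag) fit together in a small policy engine. The block below is an added example written for this page; it is not bRRAIn's code and does not use its API. Every class, field, node id and partner name is an assumption made for the example, and one design choice goes slightly beyond the text: denied attempts are recorded too, because the "did the carrier ever look up customer PII" question is only answerable if refusals are in the log.

```python
"""Toy partner-access policy engine (added example, not bRRAIn's implementation).

Models the guest-tier pattern: deny by default, time-boxed grants checked on
every decision, one read-only workspace per partner, a per-partner tool
allowlist with a rate limit, and audit events tagged as guest activity.
All names and sample values below are assumptions made for the example.
"""
from __future__ import annotations

from dataclasses import dataclass, field

GUEST_TIER = 7  # the page's 7th ("Guest") tier; the numeric value is assumed


@dataclass(frozen=True)
class Workspace:
    """A read-only, partner-specific slice of the graph (node ids are constructed)."""
    name: str
    nodes: frozenset[str]


@dataclass
class GuestGrant:
    partner: str
    workspace: Workspace
    expires_at: float                  # epoch seconds; every guest grant must carry one
    tools: frozenset[str]              # allowlist of tools this partner may invoke
    tool_rate_limit: int = 5           # max allowed tool calls per window
    window_seconds: int = 60
    calls: list[float] = field(default_factory=list)  # timestamps of allowed calls


@dataclass(frozen=True)
class AuditEvent:
    ts: float
    tier: int
    role_tag: str      # always "guest" here, so partner activity is separable from internal
    partner: str
    workspace: str     # "" when no active grant existed at decision time
    action: str
    target: str
    allowed: bool
    reason: str


class PolicyEngine:
    def __init__(self) -> None:
        self.grants: dict[str, GuestGrant] = {}
        self.audit: list[AuditEvent] = []

    def grant(self, g: GuestGrant) -> None:
        self.grants[g.partner] = g

    def renew(self, partner: str, new_expiry: float, approved_by: str, now: float) -> None:
        """Renewal is a deliberate, logged approval; it never happens implicitly."""
        g = self.grants[partner]
        g.expires_at = new_expiry
        self._record(now, partner, g.workspace.name, "renew", approved_by, True, "approved")

    def _record(self, ts: float, partner: str, ws: str, action: str,
                target: str, allowed: bool, reason: str) -> None:
        self.audit.append(AuditEvent(ts, GUEST_TIER, "guest", partner, ws,
                                     action, target, allowed, reason))

    def _active_grant(self, partner: str, now: float) -> tuple[GuestGrant | None, str]:
        g = self.grants.get(partner)
        if g is None:
            return None, "no grant"        # guests inherit nothing by default
        if now >= g.expires_at:
            return None, "grant expired"   # automatic revocation: expiry checked per decision
        return g, "ok"

    def query(self, partner: str, node: str, now: float) -> bool:
        """Graph lookup answered only from the partner's published subset."""
        g, reason = self._active_grant(partner, now)
        allowed = g is not None and node in g.workspace.nodes
        if g is not None and not allowed:
            reason = "outside published subset"
        self._record(now, partner, g.workspace.name if g else "", "query", node, allowed, reason)
        return allowed

    def call_tool(self, partner: str, tool: str, now: float) -> bool:
        """Gateway decision: tool must be allowlisted and within the partner's rate limit."""
        g, reason = self._active_grant(partner, now)
        allowed = False
        if g is not None:
            g.calls = [t for t in g.calls if now - t < g.window_seconds]  # slide the window
            if tool not in g.tools:
                reason = "tool not allowlisted"
            elif len(g.calls) >= g.tool_rate_limit:
                reason = "rate limited"
            else:
                allowed = True
                g.calls.append(now)
        self._record(now, partner, g.workspace.name if g else "", "tool", tool, allowed, reason)
        return allowed

    def partner_report(self, partner: str) -> list[AuditEvent]:
        """'All actions taken by this partner', read straight from the tagged stream."""
        return [e for e in self.audit if e.role_tag == "guest" and e.partner == partner]


def demo() -> dict[str, object]:
    """Constructed scenario: a shipping carrier and a tax advisor, each with its own slice."""
    t0 = 1_700_000_000.0  # fixed clock so the run is deterministic
    engine = PolicyEngine()
    carrier_ws = Workspace("carrier-logistics", frozenset({"addr:1001", "sku:A17"}))
    tax_ws = Workspace("tax-advisory", frozenset({"contract:42", "revenue:2024Q3"}))
    engine.grant(GuestGrant("acme-carrier", carrier_ws, t0 + 86_400,
                            frozenset({"track_shipment"}), tool_rate_limit=2))
    engine.grant(GuestGrant("ledger-tax", tax_ws, t0 + 7 * 86_400, frozenset({"fetch_contract"})))
    out: dict[str, object] = {
        "carrier_in_scope": engine.query("acme-carrier", "addr:1001", t0),
        "carrier_cross_tenant": engine.query("acme-carrier", "contract:42", t0),  # other partner's slice
        "carrier_pii_lookup": engine.query("acme-carrier", "customer:pii:77", t0),
        "unknown_partner": engine.query("random-vendor", "addr:1001", t0),
        "tool_allowed": engine.call_tool("acme-carrier", "track_shipment", t0),
        "tool_not_allowlisted": engine.call_tool("acme-carrier", "fetch_contract", t0),
        "tool_burst": [engine.call_tool("acme-carrier", "track_shipment", t0 + i) for i in (1, 2)],
        "after_expiry": engine.query("acme-carrier", "addr:1001", t0 + 90_000),
    }
    engine.renew("acme-carrier", t0 + 2 * 86_400, "risk-committee", t0 + 90_000)
    out["after_renewal"] = engine.query("acme-carrier", "addr:1001", t0 + 90_000)
    out["carrier_report"] = engine.partner_report("acme-carrier")
    return out
```

Running `demo()` shows the boundaries in one pass: the carrier reads its own address node, is refused the tax advisor's contract and a PII node it was never published, hits the rate limit on its third tool call inside a minute, loses access at the expiry timestamp, and regains it only after the logged renewal. The carrier's report then lists every one of those attempts, refusals included, under the guest tag.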

Relevant bRRAIn products and services

  • Control Plane — 7-tier hierarchy with Guest as a first-class role, time-boxed by default.
  • Workspaces — the unit of scoped partner access, with curated read-only subsets.
  • bRRAIn Vault — maintains isolation across guest tenants so partners cannot see each other.
  • Security Policy Engine — tags and audits every partner action distinctly in the log stream.
  • MCP Gateway — restricts and rate-limits the tools each partner can invoke.
  • Memory Engine — answers partner queries only from their published subset of the graph.

bRRAIn Team

Contributor at bRRAIn. Writing about institutional AI, knowledge management, and the future of work.
