Enterprise AI Governance Research
Foundational research, frameworks, and analysis for governing enterprise AI, autonomous agents, and control-plane adoption in regulated organisations.
Helixar Research
Research, frameworks, and analysis for enterprise AI governance, compliance, and agentic risk.
State of Enterprise AI Governance in ANZ 2026
The flagship Helixar research report on enterprise AI governance in Australia and New Zealand, covering regulation, standards, operational resilience, privacy, agentic AI, readiness, board assurance, and control-plane evidence.
Read researchEnterprise AI Governance Explained
The Helixar research primer for enterprise AI governance: accountability, risk, compliance, auditability, and control-plane thinking.
Read researchAI Governance Operating Model
How enterprises should organise AI governance across the board, executive teams, risk, security, privacy, legal, audit, engineering, and business owners.
Read researchEnterprise AI Risk Management
A risk-management view of AI governance: model risk, privacy risk, security risk, operational risk, third-party risk, autonomy risk, and accountability risk.
Read researchAI Governance Maturity Model
A five-level Helixar maturity model for boards, CISOs, risk teams, and compliance leaders assessing enterprise AI governance readiness.
Read researchAI Governance for Government Agencies
How public sector teams can govern AI with transparency, record keeping, human oversight, privacy, procurement discipline, and public trust.
Read researchInfrastructure for the agentic layer, published openly
Helixar Labs ships open protocols and open-source tools under Apache 2.0 / MIT, freely usable in production without licensing or vendor lock-in.
Published research and standards work
Hosted on arXiv, SSRN, and the IETF datatracker. Click through for the full text and supplementary material.
- 1arXiv
Human Delegation Provenance for Agentic AI Systems
Pre-print describing the cryptographic delegation model that underpins HDP. Companion to the IETF individual draft.
- 2IETF
draft-helixar-hdp-agentic-delegation-00
Individual draft formalising HDP for agentic AI delegation: token format, signing, verification, and chain-of-authority semantics.
- 3SSRN
Physical-AI Authorisation: Irreversibility Classes and Pre-Execution Audit
The HDP-P companion paper formalising the irreversibility taxonomy and pre-execution audit requirement for actuator-bound agents.
- 4SSRN
Behavioural Detection Boundaries for Autonomous AI Agents in Enterprise Environments
Empirical study of where signature- and anomaly-based detection break down when the attacker is an authorised AI agent.
How we publish, and the bar we hold
Editorial guidelines
Every draft begins as a structured threat record and is reviewed by a member of the Helixar Research Team before merge, sources verified, entities and CVEs checked against authoritative records, original analysis required.
AI-assist disclosure
The drafting pipeline uses large language models; every published article is the product of an automated draft and a human review. The byline is Helixar Research Team. We do not invent named author personas.
Sources & allowlist
A minimum of three references resolving to original disclosing sources, NIST NVD, CISA, MITRE, vendor advisories, the IETF datatracker. We do not cite aggregators as primary sources.
Quality bar
A pre-merge lint requires 800+ words for threat pieces, three external references, every CVE validated against NIST NVD JSON, and original analysis above 80% of the body.
Corrections policy
We acknowledge reports within two business days, publish a correction at the top of the affected article, update its dateModified, and never silently edit to remove errors.
Editorial independence
We write about competitors, and about open standards we are commercially involved with (HDP, HDP-P, ReleaseGuard), and say so where it matters. No paid placements; vendors do not pre-review coverage.
Published research and threat intelligence on this site are informational and do not constitute professional security, legal, or compliance advice. References to third-party platforms and standards are for technical context only; Helixar is not affiliated with or endorsed by them unless explicitly stated.
Spotted an error? Write to [email protected] , we correct in the open.