Everything else observes.
Espada refuses.

Espada gets slotted next to three good products: Wiz for cloud posture, HashiCorp for infrastructure, GitHub for code security. Each is a SaaS that watches a system and tells you what's wrong — after the fact, from the vendor's control plane. Espada is a different category. It is a sovereign runtime that sits in the action path and refuses a destructive operation before it executes, in your network, signed by your hardware. The table below is the six-axis test, and every mark is sourced to the vendor's own public architecture. This page is not snarky — these are products we respect. They are simply answering a different question.

What a gate has to do.

Each axis is binary and verifiable from public architecture. They describe a runtime that can stand between an autonomous agent and your production — not a tool that reports on it.

  1. In-tenant runtime

     The product runs entirely inside the customer's network with no vendor-operated control plane in the path.

  2. Zero outbound by default

     The default posture makes no outbound calls — no telemetry, licensing heartbeat, or control-plane sync.

  3. Gates the action

     It sits in the action path and can refuse a destructive operation before it executes — not observe it after.

  4. Hardware-backed approval

     A destructive action requires a signature from customer-owned hardware the vendor never sees.

  5. Open, forkable runtime

     The runtime is open source under a permissive license the customer can audit, fork, and rebuild.

  6. Local audit, no escrow

     Decisions land in an append-only hash chain on customer storage, not a vendor SaaS retention tier.

Different categories, side by side.

Each row is a product Espada is compared to. Each column is one of the six axes — numbered legend below the table.

Six-axis comparison applied to Espada and the three products it is most often slotted against.

Product 1 2 3 4 5 6
Espada (Sovereign Infrastructure Agent)
Wiz (Cloud security posture, CNAPP)
HashiCorp Cloud Platform (HCP — Terraform, Vault, Boundary)
GitHub Advanced Security + Copilot (GitHub)

Legend:
  1. In-tenant runtime
  2. Zero outbound by default
  3. Gates the action
  4. Hardware-backed approval
  5. Open, forkable runtime
  6. Local audit, no escrow

Key: Meets / Partial / Does not meet

Espada: Sovereign runtime — gates agent actions in your tenant

Self-hosted single binary. Default-deny outbound. Effect inspector resolves every tool call; destructive actions require a customer hardware signature. Audit chain is a local SHA-256 hash chain. Runs with the cable unplugged. Commercial proprietary core (customer-auditable source available to design partners and enterprise customers under NDA); the embeddable `@espadalabs/action-firewall` package is Elastic-2.0 OSS. Customers can audit, but not fork-and-redistribute, the full runtime — hence partial on the open-runtime test.
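As an added illustration of what criterion 6 asks for (this is not Espada's code, and the record fields and tool names are assumed), here is the shape of an append-only SHA-256 hash chain for gate decisions: each entry commits to the previous entry's hash, so editing one stored decision breaks every entry after it unless the whole tail is rewritten.

```python
import hashlib
import json
from typing import Dict, List, Tuple

GENESIS = "0" * 64  # anchor for the first entry; constructed, not a real chain head


def _digest(prev_hash: str, record: Dict) -> str:
    # Canonical JSON (sorted keys, no whitespace) so equal records hash equally.
    payload = json.dumps(record, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256((prev_hash + payload).encode("utf-8")).hexdigest()


def append_decision(chain: List[Dict], record: Dict) -> Dict:
    """Append a gate decision; the new entry commits to the previous entry's hash."""
    prev_hash = chain[-1]["hash"] if chain else GENESIS
    entry = {"record": record, "prev_hash": prev_hash, "hash": _digest(prev_hash, record)}
    chain.append(entry)
    return entry


def verify_chain(chain: List[Dict]) -> int:
    """Return -1 if every link holds, else the index of the first entry that fails."""
    prev_hash = GENESIS
    for i, entry in enumerate(chain):
        if entry["prev_hash"] != prev_hash:
            return i  # link to the predecessor was rewritten
        if _digest(prev_hash, entry["record"]) != entry["hash"]:
            return i  # record content changed after it was hashed
        prev_hash = entry["hash"]
    return -1


def demo() -> Tuple[int, int, int]:
    """Constructed decisions: an intact chain, a silent edit, and a re-hashed edit."""
    chain: List[Dict] = []
    append_decision(chain, {"seq": 1, "tool": "terraform.apply", "effect": "destructive", "verdict": "refuse"})
    append_decision(chain, {"seq": 2, "tool": "kubectl.get", "effect": "read", "verdict": "allow"})
    intact = verify_chain(chain)
    # Flip the refusal to an allow without touching the hashes: entry 0 fails.
    chain[0]["record"]["verdict"] = "allow"
    edited = verify_chain(chain)
    # Re-hash only the edited entry: entry 0 now passes, but entry 1 still points at the old hash.
    chain[0]["hash"] = _digest(GENESIS, chain[0]["record"])
    rehashed = verify_chain(chain)
    return intact, edited, rehashed
```

The third result is the append-only property in practice: covering an edit means rewriting every later entry, which is exactly what keeping the chain on customer storage (rather than in a vendor retention tier) is meant to make detectable.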

Wiz: SaaS — scans your cloud and reports risk

An excellent posture and vulnerability product, delivered as a multi-tenant SaaS. It connects to your cloud accounts, ingests configuration and runtime signals into Wiz's platform, and reports risk. It observes and prioritizes; it is not in the action path and cannot refuse a destructive operation at execution time. The control plane and evidence are Wiz-operated.

HashiCorp Cloud Platform: Managed infrastructure SaaS

The self-managed editions of Terraform, Vault, and Boundary can run in your network (criterion 1 partial), and Vault brokers secrets/approvals for some workflows (criteria 3–4 partial). But HCP itself is a vendor-operated control plane, the products are source-available / BSL rather than permissive (criterion 5 partial), and audit/state can live in HCP. It governs infrastructure change; it is not a default-deny gate on arbitrary agent actions.

GitHub Advanced Security + Copilot: Developer-platform SaaS

Code scanning, secret scanning, and Copilot autofix run inside GitHub's platform against your repositories. Strong at finding issues in code before merge. It operates on the repository, not on the live action an agent takes against production, and it is a GitHub-operated SaaS. The runtime, the keys, the audit, and the hardware are GitHub's.

They are not the wrong answer.

If your question is "where is my cloud misconfigured?" buy Wiz. If it is "how do I manage infrastructure state and secrets across teams?" HashiCorp is the mature answer. If it is "is there a vulnerability in this pull request?" GitHub Advanced Security is built for exactly that. We are not pretending those products fail at their jobs — they pass.

Espada answers a question none of them do: "an autonomous agent with my credentials just proposed a destructive action — what stands between it and production, in my tenant, that the vendor cannot see or override?" That is a runtime gate, not a SaaS report. It is why the table above is a category fork rather than a feature race. You will likely run Espada alongside a posture tool, not instead of one.

Buy the observers for what they see. Buy the gate for what it refuses.

Where the marks come from.

Every mark is sourced to the vendor's own public architecture documentation as of the publication date below, or — for Espada — to the runtime in this repository. A PARTIAL records a real option the vendor offers (HashiCorp's self-managed editions, Vault's approval brokering) before explaining why it does not fully meet a strict, default-on bar. We do not cite analyst grids or sales decks.

If a vendor disputes a mark, email compare@espadafirewall.com with the specific cell, the architecture document that contradicts it, and the document's date. We will update the cell, append a dated changelog, and credit the correction — the same policy as the sovereignty audit.

First published 2026-05-26. Reviewed quarterly.

Ready when you are.

One binary. One install. One hour to your first signed action.