Getting Started with Control Core

Control Core is the policy-driven control plane for protecting APIs, applications, data paths, and AI traffic with one consistent enforcement model. This page is the shortest path to understanding how it fits together, choosing a deployment path, and enforcing your first control without repeating the deep-dive material that already lives elsewhere in the docs.

What Control Core Does

• Centralizes authorization across users, services, workflows, and AI agents
• Keeps enforcement externalized so protected resources stay out of the policy business
• Supports Zero Trust access decisions before a request reaches the target resource
• Produces audit-ready evidence for operational and compliance review

Towards Zero Trust: How Control Core Fits In

The diagram below shows the request path at a glance. A subject sends a request, the Bouncer intercepts it, policy is evaluated using Control Core context, and only an explicit allow reaches the protected resource.

Flow: Subject -> Request -> Bouncer / PEP -> Policy decision -> Resource. Denied requests are blocked and logged before the resource is touched.

Modern Architecture Flow

Use the interactive component below to inspect the role of each major Control Core component in the request path.

For the full architecture, data flows, sandbox/production model, and deployment patterns, see Architecture Overview.

Choose Your Deployment Path

Start with the model that matches how much of the platform you want to operate yourself.

Commercial paths (Kickstart trial vs Custom perpetual), Bouncer-based packaging, and governance workflows for policy and compliance teams are summarized in Licensing and deployment options.

Need the broader deployment checklist first? Start with the Deployment Guide.

First Steps After Deployment

Once the Control Plane and Sandbox Bouncer are up, keep the first run simple:

1. Log in, rotate the admin password, and create environment API keys.
2. Connect your controls repository and confirm the Sandbox Bouncer is active.
3. Verify resource discovery, create a basic sandbox policy, and test it through the Bouncer.

The full operational checklist lives in the Administrator Guide.

Create Your First Policy

Treat this as a short starter, not the full authoring manual:

1. Go to Policies and create a sandbox policy linked to a resource and bouncer.
2. Use the visual builder, code editor, or a template to define a simple allow or deny rule.
3. Test it, deploy it to sandbox, and confirm the result in audit logs.

For full policy authoring and lifecycle details, use:

• Policy Manager User Guide
• Policy Templates
• PBAC Best Practices
• Rego Guidelines

AI And Advanced Enforcement

Control Core uses the same policy-driven model to govern LLM routes, prompt safety, data protection, and AI-related access decisions.

Start here if AI traffic is part of your rollout:

• AI Governance
• Control Core AI Pilot

Where To Go Next

Support

If you get blocked during rollout:

• Start with the Administrator Troubleshooting Guide
• Use the Deployment Guide for runbook-level validation
• Contact support@controlcore.io for technical support
• Contact info@controlcore.io for general product and deployment questions