VerifyWise is a source available AI governance platform designed to help businesses use the power of AI safely and responsibly. Our platform ensures compliance and robust AI management without compromising on security.

We are democratizing AI best practices with a solution that can be hosted on-premises, giving you complete control over your AI governance.

Quick links

• Join our Discord channel to ask your questions and get the latest announcemnets.
• Need to talk to someone? Get with us to see the latest demo, or click here to experience the demo yourself.

Screenshots

Main dashboard

Bias & fairness module

EU AI Act project view

Risk management

AI trust center

Policy manager

Features

• Option to host the application on-premises or in a private cloud
• Source available license (BSL 1.1). Dual licensing is also available for enterprises
• Faster audits using AI-generated answers for compliance and assessment questions
• Full access to the source code for transparency, security audits, and customization
• Docker and Kubernetes deployment (also deployable on render.com and similar platforms)
• User registration, authentication, and role-based access control (RBAC) support
• Major features:
  • Support for EU AI Act, ISO 42001, NIST AI RMF and ISO 27001
  • Vendors & vendor risks
  • AI project risks
  • Tasks
  • Bias & fairness check of LLM systems
  • Evidence center
  • AI trust center for public view
  • AI literacy training registery
  • Integration with MIT and IBM AI risk repository
  • Model inventory and model risks that keeps a list of models used and risks
  • Policy manager to create and manage internal company AI policies
  • Risk and control mappings for EU AI Act, ISO 42001, NIST AI RMF and ISO 27001
  • Detailed reports
  • Event logs (audits) for enterprise organizations
  • AI incident management
  • Integrations (currently Slack and MLFlow is supported, more on the way)
  • Automations (when an entity changes, do this, or send period reports, or send webhooks)
  • Google OAuth2 and Entra ID (enterprise edition) support for authentication

Installation

The VerifyWise application has two components: a frontend built with React.js and a backend built with Node.js. At present, you can use npm (for development) or Docker/Kubernetes (production) to run VerifyWise. A PostgreSQL database is required.

Installation using npm (for development)

Prerequisites:

• npm and Docker
• A running PostgreSQL, preferably as a Docker image (eg. using docker pull postgres:latest)
• Available ports: 5173 (frontend), 8080 (backend), 5432 (database)

Step 1: Clone and install dependencies

First, clone the repository to your local machine and go to verifywise directory. Then, navigate to the Clients directory and install the dependencies:

git clone https://github.com/bluewave-labs/verifywise.git
cd verifywise
cd Clients
npm install
cd ../Servers
npm install

Go to the root directory and copy the contents of .env.dev to the .env file. For security, you must set a strong and unpredictable JWT_SECRET in your .env file. This secret is used to sign and verify your JWT tokens, so it must be kept private and cryptographically secure. You can generate a 256-bit base64-encoded secret using openssl rand -base64 32.

cd ..
cp .env.dev Servers/.env

In .env file, change FRONTEND_URL and ALLOWED_ORIGINS:

FRONTEND_URL=http://localhost:5173
ALLOWED_ORIGINS=["http://localhost:5173", "http://localhost:8082"]

Run the PostgreSQL container with the following command:

docker run -d --name mypostgres -p 5432:5432 -e POSTGRES_PASSWORD={env variable password} postgres

Run redis with following command:

docker run -d --name myredis -p 6379:6379 redis

Access the PostgreSQL container and create the verifywise database:

docker exec -it mypostgres psql -U postgres
CREATE DATABASE verifywise;

Navigate to the Servers directory and start the server in watch mode:

cd Servers
npm run watch

Navigate to the Clients directory and start the client in development mode:

cd Clients
npm run dev

Note: Make sure to replace {env variable password} with the actual password from your environment variables.

Note: Since no users exist by default, you'll see the admin registration page first. Register your admin account here. After registration, you'll be redirected to login, and will be able to use your new credentials.

Installation using Docker (production)

First, ensure you have the following installed:

• npm
• Docker
• Docker Compose

Create a directory in your desired folder:

mkdir verifywise
cd verifywise

Download the required files using wget:

curl -O https://raw.githubusercontent.com/bluewave-labs/verifywise/develop/install.sh
curl -O https://raw.githubusercontent.com/bluewave-labs/verifywise/develop/.env.prod

Make sure to change the JWT_SECRET variable to your liking, and change localhost to the IP of the server. An example is shown below:

BACKEND_URL=http://64.23.242.4:3000
FRONTEND_URL=http://64.23.242.4:8080
ALLOWED_ORIGINS=["http://64.23.242.4:5173", "http://64.23.242.4:8080"]

Change the permissions of the install.sh script to make it executable, and then execute it.

chmod +x ./install.sh
./install.sh

Now the server is running on the IP and the port you defined in .env.prod file (8080 by default).

If the install.sh script doesn't work for some reason, try the following commands:

docker-compose --env-file .env.prod up -d backend
docker ps  # to confirm
docker-compose --env-file .env.prod up -d frontend
docker ps  # to confirm

If you want to re-run install.sh for some reason (e.g want to change a configuration in .env.prod file), first stop all Docker containers before starting a new one:

docker-compose --env-file .env.prod down
./install.sh

Note: Since no users exist by default, you'll see the admin registration page first. Register your admin account here. After registration, you'll be redirected to login, and will be able to use your new credentials.

Installing SSL

Here are the steps to enable SSL on your system.

1. Make sure to point domain to VM IP

2. Install Nginx:

sudo apt update
sudo apt install nginx -y

3. Create a config file (/etc/nginx/sites-available/verifywise) with the following content. Change the domain name accordingly.

server {
    server_name domainname.com;

    client_max_body_size 200M;

    # Custom error page for maintenance/upgrades
    error_page 502 503 504 /upgrade.html;

    location = /upgrade.html {
        root /var/www/verifywise;
        internal;
    }

    location / {
        proxy_pass http://localhost:8080;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }

    location /api/ {
        proxy_pass http://localhost:3000;
        proxy_http_version 1.1;
        proxy_set_header Upgrade $http_upgrade;
        proxy_set_header Connection 'upgrade';
        proxy_set_header Host $host;
        proxy_cache_bypass $http_upgrade;
    }
 }

4. Create the directory for custom error pages and copy the upgrade page:

sudo mkdir -p /var/www/verifywise
sudo curl -o /var/www/verifywise/upgrade.html https://raw.githubusercontent.com/bluewave-labs/verifywise/develop/Clients/upgrade.html

5. Enable the config:

sudo ln -s /etc/nginx/sites-available/verifywise /etc/nginx/sites-enabled/
sudo nginx -t
sudo systemctl restart nginx

6. Install Certbot for SSL:

sudo apt install certbot python3-certbot-nginx -y

7. Obtain SSL certificate. Change the domain name accordingly.

sudo certbot --nginx -d domainname.com

8. Update the .env.prod to point to correct domain. Change the domain name accordingly.

BACKEND_URL=https://domainname.com/api
FRONTEND_URL=https://domainname.com
ALLOWED_ORIGINS=["https://domainname.com:5173", "https://domainname.com"]

9. Restart the application

./install.sh

Note: The Nginx configuration includes custom error pages that display a professional "upgrading" message instead of the default "502 Bad Gateway" error when the servers are not running or during maintenance.

Email configuration

VerifyWise supports multiple email service providers through a provider abstraction layer, enabling administrators to choose the most suitable email service for their organization. The system includes security enhancements such as TLS enforcement, input validation and credential rotation for supported providers.

Below is a list of supported email providers. You can use this documentation to setup the email service of your choice.

• Exchange Online (Office 365) - Microsoft's cloud email service
• On-Premises Exchange - Self-hosted Exchange servers
• Amazon SES - AWS Simple Email Service
• Resend - Developer-focused email API
• Generic SMTP - SMTP support for any provider

Ports

You’ll need to open ports 80 and 443 so VerifyWise can be accessed from the internet.

Security

If you find a vulnerability, please report it here.

VerifyWise product line

VerifyWise also has additional products for end-to-end AI governance and management:

• MaskWise, which helps you detect, redact, mask, and anonymize sensitive data across text, images, and structured data in training datasets for LLM systems.
• EvalWise, a developer-friendly platform for LLM evaluation and red teaming that helps test AI models for safety, compliance, and performance issues