AI Assistant
Definition. The AI Assistant is a built-in operator copilot. It helps the people running Noxtica work faster — answering questions about your configuration, summarizing recent activity, and surfacing what’s relevant — without leaving the console.
It is an operator tool, not an autonomous one. It runs under the operator session and helps a human; it does not run your business or change your systems on its own.
How Noxtica does it
The assistant is powered by Claude, with multi-provider support (OpenAI, Gemini, xAI) so the model choice isn’t locked to a single vendor. Crucially, it runs server-side:
- Server-side execution. The assistant runs under the operator session on Noxtica’s servers — not in an uncontrolled client context. The operator’s session governs what it can see.
- RBAC re-check per tool call. Every tool call re-checks the operator’s role-based permissions. The assistant can never read something the signed-in operator couldn’t read themselves; access isn’t granted once and forgotten.
- Per-tenant budget caps. Each tenant has a budget cap, so usage stays bounded and predictable.
- Audit logging. Every action the assistant takes is logged, so there’s a record of what it did and on whose behalf.
Phase 1 — read-only tools
Today the assistant’s agentic tools are read-only. It can:
- List policies.
- List rules.
- List domains.
- List recent fingerprints.
- Read the risk distribution.
- Read the audit log.
That’s the full extent of what it can do on its own: read and summarize. It does not change configuration, flip flags, or take action against traffic.
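An added sketch, not Noxtica's code, of how the controls listed under "How Noxtica does it" and the Phase 1 read-only tool set can compose in one server-side gateway: the operator's role is looked up on every call, each tenant has a cap, and every attempt is audited. All class names, permission strings, the sample data and the call-count budget are assumptions made for illustration.

```python
from dataclasses import dataclass, field

class Denied(Exception):
    """A refused tool call; the refusal is audited before this is raised."""

@dataclass
class Session:
    operator: str
    tenant: str

# Constructed read-only registry: tool name -> (required permission, handler).
READ_ONLY_TOOLS = {
    "list_policies": ("policies:read", lambda tenant: ["block-bots", "rate-limit"]),
    "read_risk_distribution": ("risk:read", lambda tenant: {"low": 90, "high": 10}),
}

@dataclass
class ToolGateway:
    roles: dict        # operator -> current role, looked up on every call
    role_perms: dict   # role -> set of permission strings (hypothetical)
    budget_left: dict  # tenant -> remaining tool calls (assumed budget unit)
    audit: list = field(default_factory=list)

    def _decide(self, session, tool):
        if tool not in READ_ONLY_TOOLS:
            return "denied:unknown_tool"  # write tools are simply not registered
        perm = READ_ONLY_TOOLS[tool][0]
        role = self.roles.get(session.operator)
        # No cached grant: a role change applies to the very next call.
        if perm not in self.role_perms.get(role, set()):
            return "denied:rbac"
        if self.budget_left.get(session.tenant, 0) <= 0:
            return "denied:budget"
        return "ok"

    def call(self, session, tool):
        outcome = self._decide(session, tool)
        # Log every attempt, allowed or not, with the operator it ran for.
        self.audit.append((session.operator, session.tenant, tool, outcome))
        if outcome != "ok":
            raise Denied(outcome)
        self.budget_left[session.tenant] -= 1
        return READ_ONLY_TOOLS[tool][1](session.tenant)
```

Because the decision is made before the handler runs and is logged either way, the audit trail also records denied attempts, which is where a reviewer would look for an assistant probing beyond the operator's role.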
Phase 2 — write behind a flag
Write and mutation tools are a Phase 2 capability, and they will arrive behind a flag — opt-in, deliberate, not on by default. Even then, the assistant remains an operator copilot: it does not autonomously change customer systems. The boundary is firm — it helps you operate Noxtica; it does not act on your infrastructure for you.
Where it fits
The assistant is the “we operate agentically” meaning on the agentic spine. It is distinct from MCP (which is how your agents read Noxtica) and Know Your Agent (which governs which agents reach your site). See Agentic Security for the full picture.
Read deeper
- Agentic Security — the assistant’s place among the three meanings of “agentic”.
- MCP Integration — the integration-side counterpart.
- Engineering principles — the operating constraints the assistant respects.