New Feature Announcements: Agentic Rules Enforcement Attestation in AI-Generated Code and AI Budget Control

As AI coding assistants become the norm rather than the exception, security and platform engineering teams face a new challenge: how do you maintain control and visibility when AI is writing significant portions of your codebase? Today, we're announcing two unique features that give you the governance you need around cost and efficiency.
Arnie Attestations in AI-Generated Code: Prove Your Code is Secure by Default
When AI writes your code, how do you know it followed your security rules? Security teams are left to wonder if AI respected their authentication requirements, their input validation standards, or their secure coding guidelines. You could scan the code after it's written, but that creates friction; catching issues in code review means delays, rework, and frustrated developers.
Arnica's Arnie Attestations feature brings proof of security directly into your pull requests. When developers use AI coding assistants with Arnica's agentic rule enforcement applied, every PR automatically includes visible evidence showing exactly how many times the AI respected your security rules during code generation.
- Rule Compliance Count: See how many times the AI coding tool applied security rules during code generation
- Visible Attestations: Inline evidence in source code showing which security guidelines were enforced and why
- Repository-Level Visibility: Track attestations across all repositories to see which projects are generating secure code by default

These attestations appear directly in your code across all supported source code management solutions such as GitHub, GitLab, Bitbucket, or Azure DevOps. Security teams can quickly verify that code was generated with security controls in place. Developers gain confidence that their AI-generated code meets security standards before it enters review. And most importantly, you prevent security issues before they're ever written.
When Arnica's AI SAST scanner runs on pull requests where agentic rules are enforced, it finds almost nothing to flag because the code was already generated securely with no friction, no rework, and no delays.
AI Budget Control: Stop Surprise Costs Before They Start
AI-powered scanning and code generation consume tokens, and tokens cost money. Without visibility and control over your AI spend, agentic work can spiral unpredictably. You might be burning through your OpenAI, Claude, or Gemini credits without knowing which repos are driving costs, which scans are necessary, or when you're about to hit your budget limits. You might not even be able to differentiate between essential security scans and nice-to-have suggestions.
Arnica's new AI Budget Control page gives you granular control over your AI spending with real-time visibility and automatic enforcement. Set budgets and models per capability and watch your consumption in real time with complete input/output token breakdowns.
- Capability-Level Budgeting: Allocate separate budgets for AI SAST scans and AI-generated suggestions. Keep critical security scanning running while managing spend on developer suggestions.
- Multi-Model Support: Whether you're using OpenAI, Anthropic Claude, Google Gemini, or multiple providers, set individual budgets and track usage per agent type. For example, use cheaper models for heuristic scans, and utilize more advanced models for deep analysis.
- Automatic Enforcement: Arnica automatically stops API calls the moment you hit your budget limit, with no surprise overages and no manual intervention required.
- Smart Optimization: Our intelligent caching means if a file hasn't changed and the prompt hasn't changed, then we don't rescan it. Watch your costs decline as repos stabilize, while maintaining full coverage on active development.
- Complete Transparency: See exactly where every token goes with detailed breakdowns by capability over time. Make informed decisions about where to invest your AI budget. This transparency enables predictability by estimating the potential cost per month.
You maintain comprehensive security coverage while keeping AI costs predictable and under control. Your CFO stays happy, your security team stays protected, and your developers stay productive.
Governance Over AI Development
AI is transforming how we write code. These two new features ensure you're transforming with control, not chaos.
As one of our enterprise customers put it: "Our leadership kept asking us where AI agents were deployed and whether they were secure. Now we can show them both the inventory and the proof that our controls are working."
Both AI Budget Control and Arnie Attestations in AI-generated code are available now for Arnica customers. To enable these features in your tenant or learn more about AI governance capabilities, contact your Arnica customer support rep.
Ready to take control of AI in your code? Schedule a demo to see these features in action.