IndyKite Helps Enterprises Build Trust in AI and Data with Neo4j

AI agents are forcing enterprises to confront a data problem they used to be able to work around. Managing a data lake or creating joins from different enterprise data systems was challenging for people. But with AI agents now reaching across systems, instantly retrieving unvetted data and taking action in seconds, things can get out of hand quickly.

To try and use the “right” data, many organizations are carving their data into smaller data ponds or “reservoirs,” with more controlled environments. This adds cost and duplication without fixing the real problem: can a company govern its data? To address this, IndyKite uses a knowledge graph built on Neo4j to connect data across systems, preserve the relationships that provide context, and control how data is retrieved and used.

IndyKite calls this a context graph — a knowledge graph extended with provenance, temporal validity, and materialized decision traces. The distinction matters because agents don’t just need facts; they need to know where data came from, when it was valid, and how prior decisions were made. “We’re moving from static permissions to dynamic intent-aware governance,” said Dave Bennett, Senior Solutions Engineer at IndyKite. The graph becomes the control plane, not just the data model.

“What our customers are primarily looking for is one reliable place where all their fragmented data comes together and turns into trusted, contextual decisions that flow straight into their daily operations and agentic AI,” said Derek Small, Head of Customer and Partner Experience at IndyKite — even if the data is located in multiple systems or locations.

This flexibility has become more important as customers prepare for AI. “We’re providing a system of trust so they can have higher confidence in what their AIs and their agents are returning to them,” Small said.

IndyKite’s roots are in access control, using relationships, knowledge graphs, and context to drive highly granular authorization. From there, the platform expanded to support real-time data delivery, context sharing, and trust. “Being able to deliver data in real time, to be able to share context in real time, to build trust into data — these things are really important for our customers,” says Patricia Alfheim, Marketing Manager at IndyKite.

When trust breaks, operations slow

This problem becomes more pressing when AI systems are layered on top of disconnected data, because businesses are not only dealing with slow lookups and incomplete records, they’re also dealing with automation that amplifies those weaknesses.

Rockwell Automation is one of the clearest examples. According to Small, Rockwell was selling software licenses tied to physical equipment, but the data behind those relationships was scattered across systems. Licensing data sat in one place, customer records in another, and equipment data somewhere else. “They couldn’t trust the information that they were getting because it was all siloed,” Small said. “It was all by application, by customer, and there was no way to tie back to the licensing software.”

That fragmentation had direct operational consequences. Sales teams would discover gaps between software licenses and the equipment actually in use. Some customers had more equipment than they had licenses for. Others had more licenses than hardware. Sales could not see the installed base. Marketing and manufacturing could not tell who had what without checking multiple systems.

IndyKite’s answer was to pull those data sources into a knowledge graph and relate customers, users, products, licenses, and equipment in one model. Once that view was in place, Rockwell could spot underlicensing and overlicensing, see adjacent product opportunities, and give more teams access to a trusted source. With better access control and governance over their data, Rockwell realized immense value. As Small put it, “other parts of the organization are realizing, we can tie into that now because you actually have valid data that’s easy to get to.”

Heavy equipment and freight vehicle manufacturer PACCAR faced a similar challenge in a different setting. Small said the company needed a way to bring together data tied to truck chassis, components, wear and tear, and mean time to failure. Those relationships extended beyond the vehicle itself. “In many cases there’s a fleet management firm involved. There’s also a service management firm. There’s a whole host of relationships that again were all siloed elsewhere,” he said.

Instead of forcing people to chase answers across multiple systems, IndyKite gave PACCAR one trusted place to connect those relationships and act on them. The ability to leverage contextual insights for decision and access control made the data more useful for operations and service, and opened the door to broader ecosystem knowledge built from connected, trustworthy data.

Why IndyKite moved beyond role-based access

Part of the challenge is that many enterprises still rely on role-based access control, or RBAC, to establish trust. Small says that approach was already problematic with human users and is even less suited to AI agents.

“We’ve been trying to do RBAC since the early ’90s, and we have never managed to do it right for humans,” he said. “So what makes one think we can do it right for AI? With AI agents I can spin up tens of thousands of them per minute and how are you going to track and manage all that in a role-based system?”

IndyKite uses Knowledge-Based Access Control, or KBAC, which Small describes as a combination of relationship-based and attribute-based access control. In practice, that means the platform can make decisions based on how people, systems, agents, and data are connected, along with metadata about the data itself. It gives customers a more precise way to govern who can retrieve data, who can update it, and what can happen next.

Alfheim explains the gap: “Traditional access approaches don’t work with agents because they can’t govern how agents use the data,” she said. “They can say you can access the data but they don’t govern how agents can use data. That is a massive blind spot.” Her point is that agent control has to extend beyond access — it also has to govern intent and use at the data level.

The other shift IndyKite is pushing is treating agents themselves as first-class identities in the graph. Agents are materialized as nodes with owners, skills, and tools — producing what Bennett describes as “a catalog of agents, skills, and tools” the enterprise can actually govern. From there, agents get no standing privilege. Instead, every action carries a full calling chain: the original human user, the agent acting on their behalf, and any downstream agents in the workflow.

“Agents have no standing privilege in our world. Instead, they get their context from a calling human or another calling agent,” Bennett said. “We always have a full calling chain from the first user to the last agent.”

That chain is what lets policy evaluate whether a given action is allowed in the context of who initiated it, what workflow it’s part of, and what the calling agents are permitted to do. Even if a user has broad access on their own, the slice of access available through a specific agent workflow can be scoped down to only what that workflow needs. It’s a sharper answer to the agent-control problem than role-based access can offer.

A graph model for trust, not more copies of data

This is where IndyKite parts ways with the way many companies have managed data for years. Rather than copy more data into more controlled stores, the company argues that businesses should leave the data lake intact, connect what matters, and govern retrieval and use through relationships and metadata.

“We want to be able to provide them with the ability to leave it all in the lake and then reference how the agent can access what they can’t and what they can do with it,” Small said.

That idea becomes more relevant as enterprises try to govern AI. IndyKite has explained how persistent access creates risk, while dynamic permissions let every request be evaluated in real time using live metadata. This moves the reliance from hardcoded credentials, service accounts, or API keys to a model where access becomes context-aware and temporary, not broad and always on.

IndyKite can sync data into the graph, let applications write directly through APIs, or create a hybrid digital twin that references external data without pulling everything into a new store. That gives customers a way to govern what they already have instead of creating another layer of disconnected infrastructure.

Why Neo4j fit the model

A knowledge graph is what makes this possible. Neo4j stood out because it handled highly connected data more easily than hierarchical or relational models, where performance often drops as database joins pile up.

For IndyKite, graph is not only a data model — it is the way authorization and trust stay tied to changing relationships. “The beautiful part is we can change the model really dynamically and all the authorization policies flow with it because they’re all tied to the relationship models,” Small said.

He also pointed to standards as part of the appeal. “We used Neo4j because it embraced standards like Cypher and openCypher, that in its own right really attracted us because it provides portability for people and provides ease of skill transfer.”

In IndyKite’s graph, customer records can be linked to consent information, transaction history, access policies, provenance, and the agents that process them. Metadata such as sensitivity, consent, provenance, and purpose travels with that data, so each request can be evaluated against task relevance, data sensitivity, real-time operational needs, and neighboring context. This approach shifts access from static permissions to adaptive authorization — a more dynamic approach for timely data and agent-based actions.

Scoring trust at the data level

IndyKite also adds a trust score to the equation. Alfheim said the platform embeds trust signals directly in the metadata of the data itself, including freshness, source system, sensitivity, and access restrictions. Those signals can then be read by policy and access engines during enforcement.

“Especially in the age of AI you need to actually quantify trust,” she said. “It’s not enough to just say it’s trusted.”

IndyKite is helping organizations judge how much confidence to place in that data, and whether it is fit for a given use. In a graph model, relationships show where the data came from and how it connects. The trust score adds another layer, helping organizations distinguish more reliable data from weaker data when people, applications, or AI systems retrieve it.

Bennett frames provenance as a fourth dimension of the data itself, sitting alongside the value, the schema, and the relationships. In IndyKite’s model, every property carries metadata about where it came from, when it was captured, and how trustworthy the source is. That lets queries filter on data quality at runtime — “we can make sure that the impure or unwashed data is not part of the decision-making process,” Bennett said. The trust score is not a separate scoring system; it’s a property of the data the graph already holds.

Preparing for the next phase of AI governance

As enterprises move from AI experiments to agents that retrieve data, call tools, and act across systems, IndyKite sees a stronger need to not only question whether a model is accurate, but whether businesses have a way to govern AI agents.

Alfheim says the company is seeing strong demand around agent control because customers need to solve the problem before they let agents loose on enterprise data and create unnecessary risk for security teams. IndyKite’s conversations are increasingly with CIOs, chief data officers, and CISOs focused on one question: how to put governance around agentic AI. “How do we know and how can we assure that the AI agent is only getting what it’s supposed to and that it’s reporting it to people who are entitled to get that data?” Small added.

The company’s technical answer is that contextual authorization evaluates each action in real time using purpose, sensitivity, and relationships. Dynamic permissions adapt as conditions or intent change. Secure coordination applies policy across agents, APIs, and models. Provenance records the path behind each decision. This is how IndyKite frames a knowledge graph as a trust and control layer for AI autonomy.

Rockwell and PACCAR show how this approach is helping today, with better visibility, coordination, and confidence in the data people use to make decisions. IndyKite is betting this same foundation will matter even more as AI systems become part of the core operating infrastructure for enterprises.