Govern AI coding agents at company scale.
Eight capabilities that turn raw agent access into auditable, budgeted, governed infrastructure. Pick one to dive in.
Audit signing chain
Ed25519 signs every audit row. Tamper-evident hash chain. Verify any range cryptographically against your public per-company key.
Read moreSIEM push
Stream signed audit events to Splunk, Datadog, Elastic, Microsoft Sentinel, or S3 WORM. mTLS + JWT, retry with backoff.
Read moreSSO + SCIM
OIDC login from Okta, Azure AD, Google. Optional SCIM 2.0 for full user lifecycle. JIT-provision groups on first login.
Read moreBudgets & cost ledger
Per-team, per-user, per-repo cost visibility with real-time burn-rate. Token cost attributed to the exact prompt. Seat limits plus configurable USD caps that hard-stop, notify, or warn on breach.
Read moreSession replay
xterm-accurate playback with scrubber, bookmarks, lazy keyframes. Your full retention window at your fingertips.
Read moreAir-gapped install
Signed mega-tarball. Customer-supplied license JWS. Caddy internal CA. Optional offline update server, polled - never push.
Read moreAgent workflows
Wire agent and exec steps into a DAG, validate it, run it, and watch the run record live. Starter templates and a visual canvas. Isolated per team; node timeout sends SIGTERM.
Read moreSandbox / egress isolation
Opt-in per-company policy to run agent sessions in an isolated network namespace (netns). Egress is denied by default, so an agent can't exfiltrate over the network. Default off.
Read more