Skip to content
0.6.0 ReleasedStar us on GitHub
Cordum
Cordum
Deterministic AI Control Plane

The Control Plane for Autonomous AI Agents

Ship autonomous AI agents safely. Enforce policy before execution, require human approvals where risk demands it, and keep a full audit trail from first action to final result.

Get StartedTry a Policy DemoTalk to Sales

  • Policy decisions

    Every action evaluated before dispatch

  • Human approvals

    Required for risky operations

  • Audit trail

    Immutable timeline for compliance

Cordum dashboard showing workflow graph and run status

Coordinate multi-step flows with deterministic execution state.

The Problem

AI agents are going autonomous. Governance can’t wait.

Teams are deploying autonomous AI agents fast. Without a control plane, risk and ambiguity scale faster than value.

Ungoverned autonomy

Agents can restart services, write to production systems, or push code without explicit policy approval.

No reliable audit trail

When someone asks what happened, teams stitch together logs across tools and still miss key decisions.

Shadow automation risk

Teams build one-off safety checks under pressure. Control is inconsistent and hard to review.

The Solution

The control plane for Autonomous AI Agents

Cordum gives you a single governance layer between agent intent and production action — enforce policy, require approval, and audit every decision.

Safety Kernel

Policy-as-code evaluates every job before it can execute.

  • ALLOW, DENY, REQUIRE_APPROVAL, or ALLOW_WITH_CONSTRAINTS
  • Snapshot-based decisions with replayable reasoning
  • Simulation support before policy rollout

Human-in-the-loop

Approval gates pause high-risk operations until the right person approves.

  • Risk-aware approval routing
  • Decision binding to job hash and policy snapshot
  • Fast, clear operator experience

Full audit timeline

Every action and decision is captured in a deterministic run history.

  • Append-only execution records
  • Searchable decision context
  • SIEM-friendly export paths

Extensible packs

Add domain workflows and workers without destabilizing the core platform.

  • Installable overlays for policy and config
  • Scoped schema and workflow namespaces
  • Disable or purge with clear rollback paths
Explore Product Overview
How It Works

From job to result—governed every step

Policy checks, approval gates, and execution telemetry are built into the workflow lifecycle.

  1. 1

    Job submitted

    submit

    An AI agent submits a job with context pointers and risk metadata.

  2. 2

    Safety check

    check

    The Safety Kernel evaluates policy in milliseconds before any dispatch happens.

  3. 3

    Approval when needed

    approve

    High-risk jobs pause until an authorized operator approves or rejects the action.

  4. 4

    Worker execution

    execute

    Scheduler routes to capable workers with retries, timeout controls, and backpressure.

  5. 5

    Audit sealed

    audit

    Run results and decisions are written to immutable timeline records for review.

Explore Workflow Engine
workflow.yaml
name: incident-remediation
steps:
  collect_signals:
    type: worker
    topic: job.ops.collect

  approval_gate:
    type: approval
    depends_on: [collect_signals]

  restart_service:
    type: worker
    topic: job.ops.restart
    depends_on: [approval_gate]

  publish_audit:
    type: notify
    depends_on: [restart_service]
Approval steps are first-class workflow nodes, not custom glue code.
Architecture

Production-ready architecture

Built for teams that need predictable behavior under pressure.

API Gateway

Unified HTTP, WebSocket, and gRPC control plane surface for jobs, runs, approvals, and policy.

Realtime stream support

Scheduler + Safety Kernel

Least-loaded routing with policy enforcement, budget checks, and stale-job reconciliation.

Deterministic dispatch

Workflow Engine

DAG execution model with retries, dependency handling, and run-level timeline tracking.

Parallel steps + failure semantics

NATS + Redis backbone

Message durability, pointer-based state, locks, and artifact metadata for production-grade agent governance.

JetStream-ready

Built on battle-tested foundations

NATS

Cloud-native event bus for fast, resilient workflow messaging.

Redis

High-performance state store for workflow pointers and metadata.

Go services

Predictable binaries for scheduler, kernel, workflow, and gateway.

Kubernetes ready

Deployable in modern platform stacks with clear operational boundaries.

Review Architecture Docs

GitHub

Live

Stars on cordum-io/cordum

View repository

NATS backbone

Resilient event streaming for jobs and workflow state changes.

Redis state

Fast pointer-based state and timeline metadata storage.

Go services

Predictable control-plane binaries built for production workloads.

Kubernetes ready

Fits modern platform stacks with clear operational boundaries.

Source-available. No black boxes.

Inspect the core code, review protocol details, and build with confidence.

  • Full core source and CLI available on GitHub
  • Published protocol specification and docs
  • Community-friendly contribution path
View on GitHub

Enterprise ready

Designed for organizations that need stronger control, support, and governance.

  • SSO / SAML and advanced role controls
  • Compliance-focused audit retention and exports
  • Priority support and rollout partnership
Talk to Sales
Editions

Start free, then scale through Team and Enterprise.

Choose the path that matches your deployment stage and governance needs.

Community

For individual builders and internal teams validating autonomous AI agents.

  • Full control plane (Safety Kernel, Scheduler, Workflow Engine)
  • Dashboard & CLI
  • Up to 3 workers
  • Community support (Slack & GitHub)
Get Started

Team

Coming Soon

Expanded capacity and collaborative governance for teams running multiple agents.

  • Everything in Community
  • Up to 25 workers
  • Multi-approver gates
  • 90-day audit retention
Join Waitlist

Enterprise

Recommended

SSO, compliance-grade audit controls, and SLA-backed support for governing AI agents at scale.

  • SSO / SAML and advanced RBAC
  • Unlimited audit retention + SIEM export
  • Priority support with response SLAs
  • Managed or on-prem deployment options
Talk to Sales

Newsletter signup

Frequently Asked Questions

What is Cordum used for?
Cordum is used to govern autonomous AI agents in production. It provides pre-execution policy checks, approval gates for risky work, and a full audit timeline of every decision and action.
How is Cordum different from an agent framework?
Agent frameworks focus on reasoning and chaining tasks. Cordum is the control plane that governs whether actions are allowed, who must approve them, and how they are audited.
Is Cordum open source?
Cordum is source-available under the Business Source License (BUSL-1.1). You can view, clone, run, and modify the core for internal use. Enterprise capabilities are available for organizations that need expanded governance and support.
What does a production setup need?
A standard deployment uses Go services with NATS and Redis. Production environments typically enable durable messaging, timeout reconciliation, and policy governance workflows.

Ready to ship autonomous AI agents safely?

Start in minutes with the quickstart, or talk with our team about enterprise governance needs.

Get Started in 5 MinutesSee How Policies Work
Talk to Sales