Skip to content
C
Cordum
Request AccessTalk to Sales
Blog

The boring core that keeps autonomy safe.

A deep dive into Cordum: governance-first orchestration for autonomous operations.

January 2026
12 min read
Cordum Team
Launch Post

Introducing Cordum.

Why we built the deterministic control plane for governed workflows.

Launch Cordum

Introducing Cordum

Why we built a deterministic control plane for autonomous workflows with Safety Kernel decisions, approvals, and audit trails.

Read Article
Deep Dives

Control plane fundamentals.

Focused posts aligned to the keywords operators use when they evaluate workflow governance.

AI governancePolicy

AI governance in production: policy-first control planes

A practical guide to AI governance in production: policy checks, approvals, constraints, and audit trails.

8 min readRead
Policy-as-codeGovernance

Policy-as-code for AI workflows

How to encode AI governance as versioned policy rules with explainable decisions and constraints.

7 min readRead
ApprovalsAutonomous workflows

Approvals for autonomous workflows: fast human gates

Design approval flows that keep humans in control without slowing incident response.

7 min readRead
Safety KernelLLM

LLM safety kernel: deterministic decisions for risky work

Why a Safety Kernel provides deterministic policy decisions for LLM-driven actions.

8 min readRead
Audit trailCompliance

Run audit trail: trace every AI decision end-to-end

Design an append-only audit trail for AI workflows: what ran, why, who approved, and which policy applied.

6 min readRead
Workflow orchestrationAI

Workflow orchestration for AI: DAGs, retries, governance

A blueprint for orchestrating AI workflows with explicit DAGs, retries, approvals, and audit trails.

8 min readRead
TL;DR

Cordum is a control plane for autonomous operations. It enforces policy before work is dispatched, requires approvals for risky actions, and records a complete audit trail. The core stays stable while domain logic ships as packs.

Every job is evaluated before dispatch, and every decision is recorded.
Approvals are intentional, tied to policy snapshots and job hashes.
Domain logic lives in packs, not in the core control plane.
Source-available means you can inspect the system without black boxes.
Table of Contents

Why this matters: Autonomous operations move fast, but production systems have to stay safe. Cordum slows down only the risky parts: it evaluates every job, requires approvals when policy says so, and keeps a complete trail of what happened and why.

Why autonomous ops needs a control plane

Traditional orchestrators focus on scheduling and retries. Autonomous operations add risk: automation can write to prod, patch systems, or move data across boundaries. Without governance, teams either block automation completely or ship a fragile set of scripts with no oversight.

A control plane changes the default. Every job is evaluated, every decision is logged, and approvals are explicit. That makes autonomy safe enough to use in real operations.

The boring core principle

Cordum keeps the core intentionally boring: jobs, workflows, state, policy, scheduling, retries, DLQ, approvals, and audit trail. The core does not know about GitHub, Kubernetes, or any specific tooling.

That separation is the point. It lets you upgrade the control plane without reworking domain logic, and it keeps the safety model consistent across every use case.

Control plane architecture

The control plane runs on NATS for the bus and Redis for state. The API gateway accepts jobs, the scheduler routes them, the Safety Kernel makes policy decisions, and the workflow engine coordinates runs.

Clients/UI
  |
  v
API Gateway (HTTP/WS + gRPC)
  | writes ctx/res pointers
  v
Redis (state, config, DLQ)
  |
  v
NATS bus (sys.* + job.*)
  |
  +--> Scheduler (routing + safety gate)
  |       |
  |       +--> Safety Kernel (policy check)
  |
  +--> External Workers
  |
  +--> Workflow Engine (run orchestration)

Policy, approvals, and constraints

The Safety Kernel is the policy decision point. It evaluates every job and returns ALLOW, DENY, REQUIRE_APPROVAL, or ALLOW_WITH_CONSTRAINTS. Decisions include a reason and are bound to a policy snapshot hash so approvals remain consistent even as policy evolves.

Constraints cap runtime, limit diffs, and enforce egress allowlists. That is how you let automation run without giving it a blank check.

Runs, steps, and audit trail

Workflows are stored in Redis. Runs emit a timeline of step states, approvals, and results. If a step fails or needs approval, the run pauses in a predictable state and resumes when conditions are met.

The audit trail is append-only. For every run you can answer: what executed, what changed, who approved, and which policy snapshot made the decision.

Packs and domain logic

Packs install workflows, schemas, and policy overlays. Install does not execute code; workers are deployed separately. This keeps upgrades safe and makes it possible to reason about what changed before it ships.

Packs are the delivery mechanism for domain logic. The core stays stable, packs evolve fast.

Operating in production

The system ships with retries, DLQ handling, and health endpoints. JetStream is optional when you need durable delivery, and Redis keeps pointer-based state to keep payloads out of the bus.

This is boring on purpose: the point is predictable behavior under pressure.

Why source-available

Enterprises want to inspect the control plane before letting it touch production. Source-available gives you transparency without forcing the project into a one-size-fits-all license model.

You can audit the source and understand every decision path. For hosted or resale use cases, commercial terms apply. See /legal/license for details.

Getting started

Request source access, then run the Docker quickstart, the smoke tests, and explore the dashboard. For production deployments, contact the team.

Ready to ship?

Request source access to evaluate the core in depth, then run the platform locally and inspect the policy model.

Request accessQuickstart