Product

The AI Agent Control Plane.

Q: What is the Cordum Safety Kernel?

The Safety Kernel is a deterministic policy engine that evaluates every agent action before execution. It checks policy bundles, returns Allow, Deny, Require Approval, or Allow with Constraints decisions, and logs every evaluation for audit.

Q: How does Cordum differ from agent frameworks like LangChain or CrewAI?

Agent frameworks handle task execution and LLM orchestration. Cordum sits above them as a control plane, adding governance: policy enforcement, approval gates, audit trails, and output safety. It works with any framework via the CAP protocol.

Q: Is Cordum open source?

Cordum is source-available under the BUSL-1.1 license. The Community tier is free forever and includes the full control plane. Enterprise features like SSO and advanced RBAC require a commercial license.

Q: What protocols does Cordum support?

Cordum uses the Cordum Agent Protocol (CAP v2) as its wire format and supports MCP (Model Context Protocol) in both standalone stdio and gateway HTTP/SSE modes.

Q: Can Cordum run on-premises?

Yes. Cordum is designed for self-hosted deployment. Run it locally with Docker Compose or deploy to any Kubernetes cluster. There is no mandatory cloud dependency.

The missing layer between your agents and your infrastructure. Enforce policy, require approval, and record every action.

Safety Kernel Workflow Engine Scheduler Backbone Packs

Safety Kernel: Pre-Execution Governance.

The policy decision point for every agent action. If the policy doesn't allow it, the packet never leaves the kernel.

Real-time Policy
Decisions in < 5ms
Human Gates
Approval required for risky work
Constraint Logic
Budgets, deny-paths, limits
Policy Simulation
Test rules before they go live

safety-policy.yaml

rules:
  - name: prod-write-approval
    match:
      risk_tags: [prod, write]
    decision: REQUIRE_APPROVAL
    reason: "Production write detected"

  - name: kubectl-constraints
    match:
      capability: kubectl
    decision: ALLOW_WITH_CONSTRAINTS
    constraints:
      deny_paths: ["/kube-system/*"]
      max_runtime: 300s

incident-response.yaml

name: triage
steps:
  collect:
    type: worker
    topic: job.sre.collect
  
  approval:
    type: approval
    depends_on: [collect]
    
  remediate:
    type: worker
    topic: job.sre.patch
    depends_on: [approval]

Workflow Engine: DAG Orchestration.

Coordinate complex multi-agent sequences with explicit dependencies, retries, and failure semantics.

DAG Execution
Parallel step orchestration
Schema Validation
I/O contract enforcement
Saga Rollback
Automatic undo on failure
Run Timeline
Append-only audit records

Scheduler: Intelligent Routing.

The scheduler that knows when to stop. Least-loaded worker selection with capability-based routing and overload protection.

Least-Loaded
Optimal worker scoring
Capability Filter
Route to specialized tools
Backpressure
Avoid worker exhaustion
Reconciler
Detect and mark stale jobs

// Least-loaded scoring

score = active_jobs + (cpu_load/100) + (gpu_util/100)

// Capability filtering

job.requires = [kubectl, gpu]

worker.capabilities = [kubectl, s3, net:egress]

→ Capability Mismatch

Statically linked binaries

NATS

Durable JetStream events

Redis

Pointer-based state store

Protobuf

Strict wire contracts

Backbone: Built for Production.

No Python glue. No side-cars. Just high-performance Go binaries and a durable event bus.

At-least-once delivery with NATS JetStream
Per-job locks for strict idempotency
Dead Letter Queue (DLQ) for failed actions
Prometheus-native metrics and structured logs

Packs: Extensibility Reimagined.

Install AI agents, workflows, and policy overlays without touching the core control plane. Declarative and safe.

Declarative pack.yaml for metadata and topics
Bundle schemas, workflows, and policy overlays
Verify pack integrity before installation
Soft uninstall preserves data while disabling routing

Explore Pack Docs

API

Pack Registry

incident-enricher

Installed

kubernetes-ops

Installed

github-agent

Installed

security-scanner

Installed

Enterprise Governance

For organizations that require advanced compliance, SSO, and dedicated support SLAs.

SSO / SAML

Advanced RBAC

SIEM Export

Book a Demo View Pricing

FAQ

Common questions

Answers about the Cordum control plane.

What is the Cordum Safety Kernel?+

The Safety Kernel is a deterministic policy engine that evaluates every agent action before execution. It checks policy bundles, returns Allow, Deny, Require Approval, or Allow with Constraints decisions, and logs every evaluation for audit.

How does Cordum differ from agent frameworks like LangChain or CrewAI?+

Agent frameworks handle task execution and LLM orchestration. Cordum sits above them as a control plane, adding governance: policy enforcement, approval gates, audit trails, and output safety. It works with any framework via the CAP protocol.

Is Cordum open source?+

Cordum is source-available under the BUSL-1.1 license. The Community tier is free forever and includes the full control plane. Enterprise features like SSO and advanced RBAC require a commercial license.

What protocols does Cordum support?+

Cordum uses the Cordum Agent Protocol (CAP v2) as its wire format and supports MCP (Model Context Protocol) in both standalone stdio and gateway HTTP/SSE modes.

Can Cordum run on-premises?+

Yes. Cordum is designed for self-hosted deployment. Run it locally with Docker Compose or deploy to any Kubernetes cluster. There is no mandatory cloud dependency.

Implementation Guides

Build your rollout playbook with these AI agent governance and security guides.

Ready to add policy to your agents?

Get Cordum running locally in under five minutes. No credit card required.

Try the Quickstart View on GitHub