AI Agent Governance

The Control Plane for AI Agents

Ship agents to production knowing every tool call is allowed, denied, or escalated to a human reviewer before it executes — and every decision is on record.

Request a Demo Contact Us

Self-hosted · Your data never leaves your environment · Any framework

This is what ungoverned production agents do.

These are not attack simulations. Documented incidents from real production deployments, 2025–2026.

Meta · March 2026

Agent posted without approval. Sev-1.

An internal AI agent autonomously posted to an engineering forum, leaving sensitive data exposed for two hours.

No policy on autonomous tool calls.

Replit · July 2025

Coding agent deleted production database.

An AI agent wiped an entire database. Its own words: “I destroyed months of work in seconds.”

No deny policy on delete_database.

AWS · December 2025

Agent bypassed peer approval. 13-hour outage.

An AI coding tool resolved a production issue autonomously, without the required approval step.

No human-in-the-loop enforcement.

AIControl puts the checkpoint back. Every tool call allowed, denied, or escalated to a human reviewer. Every decision logged.

The Problem

Your agents are already in production. Every tool call they make is either authorized — or it isn't.

No enforcement layer

Agents call APIs, write files, and trigger workflows without any governance checkpoint. You find out what happened after the fact — if you find out at all.

No audit evidence

When a regulator, auditor, or board asks what your agents did last quarter, you have nothing to show them. Logs tell you what happened. They don't prove what was authorized.

No human escalation path

When an agent tool call falls outside clear policy — ambiguous parameters, unexpected context, high-stakes action — there is no mechanism to pause, route to a human reviewer, and resume with a decision on record. Exceptions disappear into logs nobody reads.

How It Works

One endpoint. Universal governance.

Intercept

Agents send every tool call to AIControl before executing. One API endpoint. Works with LangChain, CrewAI, AutoGen, or any MCP-compatible agent.

Evaluate

AIControl evaluates against your policies using Open Policy Agent. Sub-10ms latency. Allow, deny, or escalate to human review.

Log

Every decision written to an immutable audit trail — tool name, parameters, policy matched, decision reason, timestamp.

allow{
  "decision": "allow",
  "reason": "default_allow",
  "audit_event_id": "a3f2...",
  "duration_ms": 7
}
deny{
  "decision": "deny",
  "reason": "tool_blacklisted",
  "audit_event_id": "b7e1...",
  "duration_ms": 6
}
review{
  "decision": "review",
  "reason": "requires_human_review",
  "review_id": "f2a8...",
  "duration_ms": 8
}

Platform

Everything you need to govern agents at enterprise scale.

Policy Engine

Powered by Open Policy Agent — the CNCF standard used by Kubernetes and Terraform. Update policies in milliseconds without a deployment.

Universal Intercept

Framework-agnostic. Works with any agent on any framework — LangChain, CrewAI, AutoGen, MCP-based agents, or custom code. One integration point. No re-platforming.

Immutable Audit Trail

Every intercept produces an audit event regardless of decision. Append-only store. Export for SOC 2, EU AI Act, and internal governance reports.

Human-in-the-Loop

Ambiguous tool calls pause and route to your compliance team via Slack with approve/deny buttons. Every decision recorded with reviewer identity and timestamp.

Agent Registry

Register, approve, and manage every AI agent in your environment. Track tool allowlists, ownership, model version, and lifecycle status.

Self-Hosted

Docker Compose. Runs in your cloud or on-premises. Your audit data never leaves your environment. Up and running in 30 minutes.

Architecture

Governance in the critical path

Pricing

Simple, transparent pricing

All plans include full platform access.

Community

Free

forever

No license key required

OPA policy enforcement
approved_tools enforcement
Rate-based policies
Audit log: 7-day retention
React dashboard (basic views)
HITL review queue — in-dashboard only
Unlimited agents, unlimited policies

Get Started on GitHub

Recommended

Business

$49/month

+ $15.00 per million intercepts

License key via self-serve (Stripe coming soon)

Everything in Community, plus:
1-year audit log retention
Slack HITL notifications
HITL review queue dashboard view
Priority email support

Start Free Trial

Enterprise

$149/month

+ $25.25 per million intercepts

License key via self-serve (Stripe coming soon)

Everything in Business, plus:
OPA health-watch observability
Policy drift detection + warning feed
Compliance report export (SOC 2, PCI, HIPAA, GLBA)
SLA (99.9% uptime guarantee)

Contact Sales

Estimate your monthly intercepts

Adjust inputs to see your estimated cost.

Number of agents5

1500

Runs per day per agent

Tool calls per run

~150,000 intercepts/month · Business est. $51/mo · Enterprise est. $153/mo

Community is free for all intercept volumes

No per-agent fees. No penalties for deploying more agents.

Built for regulated industries

Financial services, healthcare, and insurance teams have specific audit evidence requirements. AIControl is designed to meet them.

Immutable Audit Trail

Every intercept logged append-only. Cannot be modified or deleted after write.

Audit Evidence on Demand

Immutable intercept logs queryable to your compliance team's exact requirements. Structured export in development.

Human-in-the-Loop Logging

Every escalation logged with reviewer identity, timestamp, and decision note.

Data Residency

Self-hosted deployment. Your audit data never leaves your environment.

Ready to govern your agents?

See AIControl intercept real tool calls, enforce policies, and produce a compliance audit trail — in a 30-minute demo.

Request a Demo Email Us