Concordex is the governance and audit layer for AI agents in production. Drop in our SDK or sidecar, capture every action with the evidence behind it, and answer audit, incident, and customer questions in seconds — not weeks.
# Trace the decision your agent made at 14:02 UTC $ concordex agents trace agt_7HxQ --at 14:02 → Agent support-triage-bot (v2.3.1) → Action refund.approve (amount=$840) → Evidence 3 retrieved docs · 2 tool calls · 1 policy check → Risk tags [financial-action, customer-pii] → Drift within band (p99 latency, refund-rate) # Export defensible audit packet for legal/compliance $ concordex audit export agt_7HxQ --window 24h --format soc2 ✓ packet written to audit-2026-05-07.zip (412 events, signed)
Logs aren’t evidence. Prompt traces aren’t an audit trail. And nobody on your team has time to reconstruct an agent’s reasoning from Datadog at 2 a.m.
Your agent approved the refund. Your agent escalated the alert. Your agent called the wrong tool. Concordex captures the full evidence chain so any action can be reproduced and explained, not guessed at.
Every action is signed, timestamped, tagged for risk dimensions, and exportable as a packet your auditors will accept. SOC 2, HIPAA workflows, EU AI Act Article 12 controls — mapped, not retrofitted.
Concordex watches the distribution of decisions, evidence quality, and risk-tag rates. When an agent starts behaving outside its band, your on-call hears about it — before the support tickets do.
Anima is generally available today and powers the agent registry that the rest of the platform builds on. Augur and Concordia layer in as your program matures.
Capabilities, signature behaviors, known failure modes, risk tags, and the evidence behind each claim — updated as the agent changes.
Each forecast is calibrated against your agent’s historical record, scored, and reviewable. Augur tells you when behavior is shifting, not just that latency moved.
Which agents may talk to which, what evidence flows between them, how disputes resolve. Full policy diff history and rollback — the kind of controls your security team actually asks for.
Five lines around your agent loop, or a sidecar proxy if the runtime is closed. We meet your stack where it is.
from concordex import trace
with trace(agent="triage", risk=["pii"]):
result = my_agent.run(input)
Actions, retrieved evidence, tool calls, policy checks, drift signals — written to your isolated tenant with cryptographic signing.
POST /v1/events
{ agent: "triage", action: "refund.approve",
evidence: [...], risk_tags: ["financial"] }
Slack, your incident channel, your CI gates, your audit prep, your on-call dashboard. The registry travels with you.
$ concordex audit export agt_7HxQ \
--window 24h --format soc2
✓ 412 events · signed · ready
If you’re the person paged when an agent misbehaves, or the one explaining it to legal, security, or the customer — Concordex is the toolchain you don’t have yet.
One registry for every agent — LangChain, OpenAI Assistants, in-house, vendor-supplied. Standardize what “production-ready” means without telling each team how to build.
SOC 2, HIPAA, EU AI Act, internal model-risk frameworks. Stop rebuilding evidence packets every quarter.
When an agent acts up, you need the trace, the evidence, and the diff — in your incident channel, in two clicks. Concordex integrates with PagerDuty, Opsgenie, and Slack.
Per-tenant data isolation, configurable retention, BYO-cloud, and a policy layer your CISO can read without translation. Self-hosted on your VPC if your security review demands it.
We charge for the volume of agent activity governed, not for engineers on the dashboard. Bring your whole team.
The free dev tenant is provisioned in under a minute. Most teams are
sending production traces inside their first afternoon — either via
the SDK (pip install concordex / npm i @concordex/sdk)
or as a sidecar proxy if you can’t change the agent code.
SaaS tenants run in us-east-1 or eu-west-1 with
configurable data residency. Self-hosted deployment on your VPC is
available on the Enterprise tier — same control plane, your KMS keys,
no egress.
SOC 2 Type II is in flight (target Q3 2026); evidence available under NDA today. HIPAA-compliant deployment with BAA on Enterprise. Concordex ships pre-mapped controls for EU AI Act Article 12 (record-keeping) and Article 14 (human oversight) — if your auditor asks, we have the crosswalk.
Concordex emits OpenTelemetry, ships first-party integrations with Datadog and Splunk, and has webhooks for everything else. We don’t replace your APM — we add the layer your APM can’t: agent decisions, evidence chains, and risk tags.
Every event is exportable to JSONL or Parquet at any time, on demand, without a support ticket. Self-hosted customers keep running indefinitely on the last released image. The registry schema is documented and open.
The platform is built around the idea that trust between many minds — human and synthetic — needs an indexed, consultable record. The full thesis is on the thesis page if you want it. The marketing page does not require it.
Provision a tenant in a minute. Send your first trace in five. Have a real audit packet by the end of the week.