Stop a regressing agent
before it reaches a customer.
Attestum sits between your agent orchestrator and the model providers. Every agent task runs under a signed SLA, with canary, shadow, and automatic rollback on a policy breach — and an immutable audit record mapped to EU AI Act Articles 15, 17, 21 and SOC 2 CC7/CC8.
Observability is forensics. Governance is what stops it mid-run.
Every production agent incident ends the same way: a better eval, next quarter. "We'll look at the logs" is not governance — it's forensics. By the time a human reads the trace, the wrong tool call fired, the wrong customer saw the wrong reply, the wrong field landed in the downstream system.
The missing primitive, especially for regulated buyers, is a signed contract for what "correct" means per agent task, and a control plane that enforces it — with automatic rollback as boring and reliable as the one your load balancer performs when an upstream goes unhealthy.
Site reliability engineering figured most of this out a decade ago: canaries, SLOs, circuit breakers, runbook re-arm. Agents just haven't caught up yet. That is the gap Attestum closes.
Three pillars. One control plane.
Every capability is in service of one outcome: you can sign a contract for what your agents do, and the contract is what gets enforced.
Reliability
Every agent task runs behind a canary, a shadow path, and an automatic rollback wired to your signed thresholds. Regressions are caught in seconds, not in the next post-mortem.
Governance
Each decision is logged to an immutable, signature-chained audit record — pre-mapped to EU AI Act Articles 15, 17, 21 and SOC 2 CC7/CC8. The artifact your auditor signs off on is generated automatically.
Economics
Model routing happens inside the SLA envelope, never outside it. Cost is optimized as a by-product of safe substitution, not the pitch. Your engineering team stays in control of quality bounds.
From signed contract to production traffic in four phases.
We ship the way SRE teams deploy: behind the existing path, then in shadow, then gradually, then on the hook.
- Phase 1 · Weeks 1–2
Sign the SLA
Primary metric, guardrails, latency ceilings, regulatory mapping. Signed before traffic flows. No debates later.
- Phase 2 · Weeks 3–5
Replay + shadow
Historical traffic replayed; live traffic teed to the shadow path. We prove the signed thresholds hold before a single real request touches us.
- Phase 3 · Weeks 6–10
Gradual ramp
1% → 5% → 25% → 50% → 75%, gated by the signed thresholds at every step. Automatic rollback is armed throughout.
- Phase 4 · Weeks 11–12
Hold & convert
Final ramp held steady. Both sides review the audit export. Convert to commercial, extend the pilot, or walk away — no obligation.
Not observability. Not an AI gateway.
Observability tools see everything and stop nothing. Gateways proxy calls without understanding them. Attestum is the layer that makes a signed SLA enforceable at runtime.
| Capability | Attestum | Agent observability |
|---|---|---|
| Sees every decision Observability tools already do this well. | ||
| Enforces a per-task SLA the operator signed Observability describes behavior. Attestum binds it. | — | |
| Automatic rollback on a policy breach — no human in the loop Most tools alert a human. Human latency is the incident. | — | |
| Auditor-grade records mapped to EU AI Act + SOC 2 Pretty traces are not compliance evidence. | — | |
| Framework-neutral — LangGraph, CrewAI, OpenAI Agents SDK Framework-specific tools can't govern what you didn't build in their framework. | partial |
We published the Open Agent SLA Specification before we built the product.
OASS is a vendor-neutral schema for expressing SLAs, audit records, and rollback procedures for production agent tasks. CC-BY licensed. Implementable by anyone. Read it before you take a meeting with us.
- 01 SLA Contract schemaSigned JSON per agent task with primary metric, guardrails, latency ceilings, regulatory mapping.
- 02 Audit Record schemaPer-run immutable record — inputs, routing, SLA evaluation, rollback decision, regulatory evidence fields.
- 03 Rollback Decision ProcedureDeterministic rules for halting a regressing agent. Control planes MUST implement.
Frequently asked, honestly answered.
Is this an AI gateway or an observability tool?
No. A gateway proxies calls; an observability tool logs them. Attestum is a control plane. It enforces a signed SLA per agent task, halts the run automatically on a policy breach, and emits an immutable audit record. The gateway and observability categories are commoditized; this is a different layer.
Won't my LLM provider build this themselves?
OpenAI will not halt an agent running on Anthropic models and route it to Gemini. Anthropic will not route to GPT. Our value is provider-agnostic — that permanently locks the providers out of this position. Model vendors sell compute; we sell governance over their compute.
Can you run on-premises or inside our VPC?
The Enterprise tier supports customer-hosted deployment (VPC or bare metal). For design-partner pilots we run a managed control plane in our single-tenant isolation; for production conversions we deploy whatever your compliance team can live with.
What about latency?
Control-plane P99 overhead is budgeted at 10 ms and enforced as a self-rollback condition. If our layer adds more than that, we roll ourselves back automatically. It's not a marketing number; it's in the signed SLA.
Do you train on our data?
No. Tenant data is isolated, never shared, never used to train any model. Raw traces are deleted 90 days after pilot end. Aggregate metrics we retain indefinitely are counts and distributions — never content.
How is this priced?
Platform fee only, no savings-share, no per-token markup. Starter is $25k/month (5 agent tasks, 1M agent steps, 30-day audit retention, SOC 2 mapping). Enterprise is $100k/month (unlimited tasks, 7-year audit retention, EU AI Act Annex III control library, customer-hosted deployment).
If your agents are going to production, you need the control plane before the incident does.
We're signing a small number of design partners this quarter. Zero-dollar pilot, 12 weeks, signed SLA before traffic flows, automatic rollback on a policy breach, full audit export at the end. No deck. No procurement cycle. One hour of your time to scope.