AI Agent Control Plane

Govern AI Agents with Natural Language Policies.

Custos provides policy enforcement,
auditability and runtime security
for AI agents operating against
databases, APIs and enterprise systems.

Get Started View Architecture

How Custos Works

Policy. Judge. Enforce.

Policy

Define governance policies in natural language.

Judge

Evaluate AI plans against human-readable policies.

Enforce

Allow or deny actions before execution.

Audit

Record every decision and action for review.

Architecture Overview

How Custos Makes Decisions

Custos evaluates AI-generated plans against human-readable governance policies before actions are executed.

Define Policies

Organizations define governance policies in natural language.

FIN-1: Finance agents may access payroll systems only for reporting purposes.

Agent Creates a Plan

The AI agent generates an intended action.

Download all payroll records and export them to CSV.

LLM Policy Reasoning

Custos compares the plan against governance policies and evaluates intent.

Allow or Deny

Actions are enforced before execution with complete auditability.

DENY — Attempted data extraction exceeds reporting-only authorization. Policy: FIN-1.

Beyond RBAC and IAM

Traditional authorization systems evaluate users, roles, resources, and actions. Custos evaluates intent.

Instead of matching predefined rules, Custos compares AI-generated plans against human-readable governance policies and determines whether an action aligns with organizational objectives.

Natural Language Policy Semantic Authorization LLM Policy Reasoning AI Governance Runtime Enforcement

AI AGENTS

CUSTOS SDK

Python & Node.js
supported SDK

CUSTOS GATEWAY

Envoy WASM Filter-based
traffic flow control

SYSTEMS TO PROTECT

Protects Postgres,
MySQL, APIs & more

CUSTOS ADMIN UI

Manage and monitor
CENTRAL operations

CUSTOS CENTRAL

Policy Engine

Define and register policies with AI assistance

Decision Core

Evaluated and decided by AI

Audit & Logs

Record and monitor every action

CUSTOS JUDGE

Policy reasoning with
public or private LLMs

GET STARTED

Add verification to your AI actions

Keep your existing code. Add governance and policy verification with a single SDK integration.

Before

import psycopg2

conn = psycopg2.connect()

cursor = conn.cursor()
cursor.execute(
     "SELECT * FROM payroll;"
)

After

import psycopg2
from custos import Custos

conn = psycopg2.connect(port=9999)
custos = Custos(agent_id="my-agent")

plan = {
  "intent": "Export payroll data",
  "action": "SELECT * FROM payroll;"
}

with custos.secure_action(plan) as ctx:
    conn.cursor().execute(plan["action"])

Read the Docs View on GitHub

Custos doesn't just block dangerous commands — it evaluates AI agent intent against human-readable governance policies.

Human Policy

FIN-1 — Finance agents may access payroll data only for reporting purposes.

Agent Plan

Download all payroll records and export them to CSV.

Custos Decision

DENY — Attempted data extraction exceeds reporting-only authorization. Policy violated: FIN-1.

This is Semantic Authorization: Custos evaluates what the AI agent is trying to do, not just which API or SQL command it is calling.

About

Governance for AI Agents

Custos allows organizations to govern AI agents using natural language policies, evaluated by LLM-powered policy reasoning and enforced at runtime.

AI agents are evolving beyond simple chat interfaces. They can now query databases, call APIs, execute workflows, and perform real business operations autonomously.

As organizations adopt AI agents, critical questions emerge:

What is the AI trying to do?
Does the plan comply with human-readable policies?
Should this action be allowed before execution?
Can every decision and action be audited later?

Custos was created to answer these questions.

Unlike traditional IAM systems or policy engines, Custos evaluates AI agent plans against human-readable governance policies.

Organizations can define policies in natural language, while Custos uses LLM-powered policy reasoning to determine whether an action should be allowed.

Positioned between AI agents and enterprise systems, Custos validates intent, enforces policies at runtime, and creates a complete audit trail for every AI-driven action.

Our vision is to become the trust layer for the AI era, enabling organizations to deploy AI agents securely, governably, and with confidence.

Founder & Vision

Custos was founded by a software architect with more than 20 years of experience in enterprise software, cybersecurity, cloud infrastructure, and distributed systems.

His background includes delivering security-sensitive projects for financial institutions, government agencies, and enterprise customers where governance, compliance, and auditability are essential.

He also brings extensive experience in AI model training, inference serving, and AI platform engineering, providing firsthand insight into the challenges of deploying autonomous AI systems safely at scale.

Custos was founded with a simple mission: to make AI actions secure, governed, and auditable by default.

Roadmap

Building the Future of AI Governance

Our journey toward making AI actions secure, governed, and auditable across enterprise environments.

✓

Architecture Complete

April 2026

✓

Core SDK Prototype

June 2026

◉

MVP In Development

Target: November 2026

○

Developer Preview

December 2026

○

Public Beta

February 2027

○

v1.0 General Availability

May 2027