Home/For DevOps
Operations & FinOps

Prevent runaway billing. Maintain fleet uptime.

SLA-backed auto-revocation, certificate enforcement, webhook delivery, incident runbooks. 99.9% uptime. Sub-second latency. Built for on-call teams.

Operational Runbooks →SLA Terms
99.9%Uptime SLA
<60sAuto-revocation SLA
<500msVerification p99
1,000/sEvent ingest capacity
01 — WORKFLOW

Your operations workflow

Deploy, monitor, and respond — four steps to a fully managed agent lifecycle.

1

Deploy agent

Register via API. Receive X.509 certificate. Configure webhooks for revocation alerts. Set up certificate enforcement in your gateway.

POST /api/v1/agents
2

Monitor risk score

Real-time behavioral monitoring. Risk score updates every minute. Pre-warning at 0.75, auto-revocation at 0.85. Custom alerts via webhooks.

GET /api/v1/agents/{id}/risk
3

Auto-revocation SLA

Risk >0.85 triggers revocation in <60 seconds. Certificate invalid. Webhook fires immediately. Agent cannot execute transactions.

webhooks.on('certificate.revoked')
4

Enforce revocation

Your gateway checks /api/v1/verify/{cert_serial}. Returns: active, revoked, or expired. Kill switch halts agent execution immediately.

if (cert.status !== 'active') block()
02 — SLA

SLA guarantees & performance

99.9% uptime

<8.76 hours downtime per year. Multi-region failover. Redundant database + cache layers. SLA credits if breached.

Backed by SLA credits

Auto-revocation <60s

Risk score >0.85 triggers instant revocation. Maximum latency: 60 seconds. Webhook delivered within 5 seconds.

Enforced by circuit breaker

<500ms verification (p99)

Public /api/v1/verify endpoint: <500ms p99 globally. Cached at CDN edge. No auth overhead. Mission-critical latency.

Monitored via Better Stack

1,000 events/second

Behavioral event ingestion capacity per tenant. Rolling 30-day risk window. Real-time score updates. Horizontally scalable.

Scales via QStash
03 — ON-CALL

Incident runbooks

Copy-paste playbooks for your on-call runbook. Link to full docs for each scenario.

Certificate revoked

Agent risk score exceeded 0.85. Webhook received. Check /api/v1/crl for reason. Review audit trail. Contact support if false positive.

Enforcement runbook

Pre-revocation warning (0.75)

Score in pre-warning zone. Agent still active but will revoke if trend continues. Investigate anomalies in event stream now.

Event analysis

Webhook delivery failure

Endpoint returned 5xx or timeout. System retries 3× with exponential backoff. Check your endpoint logs. Re-register if needed.

Webhook guide

Certificate expired

X.509 cert reached end of 365-day validity. Agent cannot execute. Register new agent, issue new cert, update deployment.

Agent re-registration
04 — DOCUMENTATION

Operations documentation

Certificate Enforcement

Revocation enforcement. Kill switch implementation. Operational playbooks.

Webhooks & Event Delivery

Setup. Event types. Delivery guarantees. HMAC-SHA256 signature verification.

Certificate Revocation List

CRL access. Revocation reasons. Real-time updates from the CA.

Service Level Agreement

Uptime SLA. Performance SLA. Credits. Incident response times.

Get started

Ready to operate AI agents at scale?

SLA-backed guarantees. Auto-revocation. Webhook delivery. Incident runbooks included.

Start free trialView runbooks