Outcomes

What teams achieve on a governed runtime.

Cortex doesn't just run agents — it makes their work provable. The outcomes below are representative of how regulated teams put AI in front of real work: low-risk actions executed, risky ones held for a human, out-of-policy ones blocked outright — each one sealed in a tamper-evident ledger you can hand an auditor.

Illustrative outcomes by use case · no named customers or attributed quotes

audit/verify
#101hash ✓#102hash ✓#103hash ✓#104hash ✓#105hash ✓
head 0x9f3a…c1ok: true
verifyChain ▸ chained SHA-256 · signed receipts
How to read this page

Representative outcomes, not borrowed logos.

We won't put another company's name on a result they didn't agree to publish. Instead, each card below is an illustrative outcome for a job-to-be-done — built from the exact capabilities, metrics, and runtime verdicts used everywhere else on this site. The numbers are the ones Cortex is engineered to produce; the proof surface is the one an operator actually sees.

Outcomes by job-to-be-done

Governed agents, measurable results.

Pick the work that looks like yours. Every outcome maps to a real Cortex control — and shows the literal verdict the runtime returns when an action is allowed, held, or blocked.

Tax-prep firm · representative

97% gold-eval accuracy — every figure traced to its filing.

A four-agent pipeline (intake → deduction-finder → return-reviewer → compliance-check) drafts returns grounded to source forms. Every number on the return clicks through to a value hash, page, and bounding box — so a preparer signs what the model produced, not what it paraphrased.

return/eval
Gold eval{ overall: 97% }passed
Figure → filingpage 47 · bbox · value_hash 0x7c4e…as reported
Unsupported numberno source matchheld for review
ai-insights ▸ gold suite · datapoint provenance on every figure
Claims team · representative

Auto-adjudicate low-risk — hold the rest for a human.

A fraud-triage agent scores intake and proposes a disposition. Low-risk, low-value claims execute as governed actions; anything risky or above the payout threshold is parked for an adjuster. The split is policy, not vibes — and every path is replayable.

Action Fabric
Refund $240risk: low · evidence attachedexecuted
Payout $5,000risk: high · ≥ thresholdpending approval
Duplicate claimpolicy: dedupeblocked
actions ▸ payout ≥ $5,000 → human approval before a dollar moves
Bank KYC desk · representative

Out-of-policy actions blocked with 403 — before they happen.

Onboarding and screening agents run under strict allowlists. A model that isn't approved for the desk, an action outside the agent's grant, or a read of a restricted field is denied at the gate — fail-closed — and the denial itself is sealed as evidence for the examiner.

runtime/gates
Off-allowlist modelidentity gate403
Read ssn (restricted)property permissiondenied
Case dispositiondual-control · explainedexecuted
identity → budget → guardrails → registry → control-tower → audit
AI platform team · representative

Hard caps stop runaway spend at 402 — no surprise invoice.

Every agent and team runs against a budget. As spend approaches the 30-day cap the runtime warns, and at 100% it fails closed — runs are blocked with 402 instead of quietly burning through the budget. Finance sees hours saved and cost avoided in the same view.

budget/enforce
Run @ 78% of cap$7,820 / $10,000allowed
Run @ 100% of caphard cap reached402
30-day ROI1,240h saved · $312k avoidedtracked
budget ▸ hard cap blocks runs at 100% (402) · ROI tracked
Patient-access team · representative

Prior-auth drafted under DLP — minimum-necessary by policy.

An intake-and-documentation agent assembles prior-auth packets while DLP and least-privilege access keep PHI scoped to what the task needs. Sensitive fields stay masked, the draft is human-reviewed, and the whole run is chained to evidence — minimum-necessary enforced, not hoped for.

phi/guard
Prior-auth draftPHI scoped to taskdrafted
Out-of-scope fieldDLP: maskedredacted
Clinician reviewhuman-in-the-loopawaiting review
guardrails ▸ DLP in/out · least-privilege · masked by default
Security operations · representative

Triage at machine speed — containment stays human-gated.

An alert-triage agent enriches and dispositions noise so analysts focus on real incidents. Read-only enrichment runs autonomously; any containment action (isolate host, disable account) is a gated action that an analyst approves — bounded autonomy with every step replayable.

soc/triage
Enrich + dedupe alertread-only · MITRE mappedexecuted
Isolate hosthigh-impact actionneeds approval
Replay runfull trace · 10-hop lineageauditable
oversight ▸ enrich autonomously · contain only with approval
97%Tax pack accuracy (gold eval suite)
95%Citation coverage on grounded answers
$5,000Insurance payout approval threshold
10-hopProvenance on every outcome
Proof you can hand an auditor

Behind every outcome is a sealed record — not a screenshot.

What makes these outcomes credible isn't the headline number; it's that each one lands in a hash-chained Trust Ledger. Change one byte and verifyChain returns ok:false with the exact broken sequence. Receipts validate offline. Lineage shows all ten hops from the human who asked to the action that shipped.

  • Tamper-evident audit — verifyChain returns { ok:false, brokenAtSeq } on any edit
  • Signed outcome receipts a third party can verify offline (valid:true)
  • 10-hop provenance: human → agent → skill → prompt → policy → model → tool → artifact → outcome → approval
  • Forged receipts fail constant-time compare with valid:false
audit/verify
#101hash ✓#102hash ✓#103tampered#104hash ✓#105hash ✓
head 0x9f3a…c1brokenAtSeq: 103
verifyChain ▸ chained SHA-256 · signed receipts
Ship an outcome, don't rebuild it

These outcomes ship as signed Solution Packs.

Many of the results above are packaged as versioned, signed bundles of ontology, policies, actions, and agents — install one into your tenant, verified by hash and signature, and get the same governed outcome on day one.

Browse all Solution Packs
Security & compliance

The same security review covers every outcome.

Because the gates, RBAC, DLP, agent detection & response, and multi-tenant isolation are shared, the proof behind one outcome is the proof behind all of them — mapped to the frameworks your auditors already use. Aligned with these regimes; we never claim a certification we don't hold.

SOC 2ISO 27001ISO 42001HIPAAGDPREU AI ActNIST AI RMFFINRA

See these outcomes on your own work.

Bring a real workflow and your regulators — we'll show you the gates, the verdicts, and the sealed receipt for every action, live.