Orchestration & automation

Orchestrate multi-agent workflows at enterprise scale.

Coordinate agents, actions, and systems into reliable, auditable pipelines — steps, branches, approvals, and timers on a canvas; event-driven automations over your ontology and streams; cron schedules; and a durable job queue with a dead-letter queue. Every step runs through the same governance gates as a single agent run.

Event-driven · scheduled · durable · fail-closed per step

Workflow Builder
On case createdTriage agentamount ≥ $5k?ApprovalAuto-execute
automation ▸ steps · branches · approvals · timers
The problem

A single agent is a demo. A reliable pipeline is the product.

Real work spans many agents, tools, approvals, and external systems — triggered by events, run on a clock, and retried when a downstream wobbles. Stitch that together with cron scripts and glue code and you get silent failures, no audit trail, and no way to stop a runaway loop. Cortex makes orchestration a first-class, governed surface: every step is gated, recorded, and replayable, and nothing fails silently.

Every workflow step passes the same gates as a single run — a denied step stops the pipeline, in the ledgerstep → 403 / 409
How it works

Trigger it, run it, prove it.

Compose a pipeline on the canvas, give it triggers (events or a clock), and let the runtime execute it through governed steps onto a durable queue — with every firing, denial, and outcome landing in the Trust Ledger.

  1. 01

    Compose

    Build a workflow on the canvas — steps, branches, approval nodes, and timers — or declare an Automation as an event → condition → action rule over ontology objects and streams.

  2. 02

    Trigger

    Fire it from the Real-Time Hub on a matching event, on a cron schedule (UTC), from a channel intake (phone/email/voice/web), or from a CSV batch — each one a governed entry point.

  3. 03

    Execute & prove

    Steps run on a durable job queue with retries and a DLQ; every step is gated and recorded, so the whole pipeline is auditable and replayable end to end.

Automations over your ontology

Event → condition → action, on the things your business already models.

Automations are ECA rules: when an event fires, evaluate a condition, and take an action — but over governed ontology objects and live streams, not opaque webhooks. Because actions run through Action Fabric and policy-as-code, an automation can propose a payout, but a high-risk one still routes to human approval before it executes.

  • Workflows on a canvas — steps, branches, approval nodes, and timers
  • Automations as event → condition → action over ontology + streams
  • Channel intake from phone, email, voice, and web — every channel a governed trigger
  • Batch runner for CSV — apply one governed workflow across thousands of rows
Workflow Builder
On case createdTriage agentamount ≥ $5k?ApprovalAuto-execute
automation ▸ steps · branches · approvals · timers
Real-Time Hub · stream catalogcortex_event_log
ActionExecuted12,408 events
ActionDenied1,902 events
AgentExecutionCompleted8,771 events
ActionBreakGlass14 events
SecurityIncidentContained3 events
Activator rulecritical
on ActionExecuted · when * · action: raise_incident
firing → cortex_security_incidentsruleKey: activator:watch-actions
incidents surface in Detection & Response + the Control Tower KPI
Real-Time Hub · Activator

Watch a stream, react in real time — inside the Trust Layer.

The Real-Time Hub turns the event backbone into a governed trigger surface. Browse a live catalog of every event type the platform emits, declare Activator rules over those streams, and have matches recorded as firings. Set a rule to raise_incident and a firing also opens an ADR security incident — so a watched ActionExecuted becomes an alert your SOC sees, automatically.

  • Stream catalog of every eventType with live counts
  • Rules: eventType · whenExpr · severity · action (info/warn/critical)
  • Firings recorded; raise_incident opens an ADR incident
  • Dry-run evaluate any event before you enable the rule
Scheduled triggers

Run agents and workflows on a clock — deterministic, in UTC.

Complement event-driven automation with time-based triggers. A schedule fires an agent, a workflow, or a plain event on a standard 5-field cron cadence, evaluated deterministically in UTC. A fresh schedule never fires retroactively, an invalid expression is rejected 400, and firing recomputes the next run — so the clock side of your pipeline is as predictable as the event side.

  • Standard 5-field cron — *, steps, ranges, lists, UTC
  • Targets: agent, workflow, or a plain event
  • Invalid cron rejected 400; a new schedule never fires retroactively
  • tick fires due schedules → emits ScheduledTriggerFired
Scheduled Triggers · cron (UTC)cortex_schedules
daily-reconcile0 9 * * 1-5 · agent · Recon
next 2026-06-30 09:00 UTC
hourly-sweep0 * * * * · workflow · Sweep
next 2026-06-29 18:00 UTC
month-close0 0 1 * * · event · Close
next 2026-07-01 00:00 UTC
bad-expr99 * * * * ·
400 invalid cron
tick fires due schedules → emits ScheduledTriggerFired · recomputes nextRunAt
Prove it — don't just claim it

Reliable means it survives failure.

The hard part of orchestration isn't the happy path — it's what happens when a downstream times out. Cortex runs every step on a durable queue with retry and backoff, and parks exhausted work in a dead-letter queue you can inspect and replay, never lose.

Scheduled Triggers · cron (UTC)cortex_schedules
daily-reconcile0 9 * * 1-5 · agent · Recon
next 2026-06-30 09:00 UTC
hourly-sweep0 * * * * · workflow · Sweep
next 2026-06-29 18:00 UTC
month-close0 0 1 * * · event · Close
next 2026-07-01 00:00 UTC
bad-expr99 * * * * ·
400 invalid cron
tick fires due schedules → emits ScheduledTriggerFired · recomputes nextRunAt
Durable job queue → DLQretrying
POST /v1/jobs   # enqueue durable unit of work
  → { jobId, attempts: 0, status: "queued" }

worker pulls job → run fails (downstream 503)
  attempt 1 → retry (backoff 2s)
  attempt 2 → retry (backoff 8s)
  attempt 3 → exhausted

  ← moved to dead-letter queue (DLQ)
     status: "dead" · payload + last error preserved
     replay from DLQ once the downstream recovers
nothing is lost — failed work is held, inspectable, and replayable
Every way to start a pipeline

Triggers, runners, and durable execution.

Six governed entry points and one reliable execution layer — so however work arrives, it runs through the same gates and lands in the same ledger.

Workflows
  • Canvas: steps & branches
  • Approval nodes
  • Timers & delays
  • Per-step gating
Automations (ECA)
  • Event → condition → action
  • Over ontology objects
  • Over live streams
  • Routes through policy
Channel intake
  • Phone & voice
  • Email
  • Web forms & chat
  • Each a governed trigger
Batch runner (CSV)
  • One workflow, many rows
  • Bulk governed runs
  • Per-row outcome
  • Re-runnable
Real-Time Hub
  • Activator on streams
  • Firings recorded
  • raise_incident → ADR
  • Dry-run evaluate
Schedules & queue
  • Cron (5-field, UTC)
  • Durable job queue
  • Retry + backoff
  • Dead-letter queue (DLQ)
Orchestration runs on the whole runtime

Every step is a governed run.

Workflows and automations don't bypass governance — they compose it. Each step flows through identity, policy, and action approval, and lands in the same tamper-evident ledger as a single agent run.

Action Fabric
  • Steps invoke governed actions
  • dry-run → propose → execute
  • High-risk → approval
Control Tower
  • Pause a fleet mid-pipeline
  • Disable a tool a step uses
  • Live run + spend view
Observability
  • Full run trace per step
  • Quality scoring
  • Event stream feeds Activator
Trust Ledger
  • Every firing recorded
  • Hash-chained, replayable
  • Schedule & incident proof
Security & compliance

Built for the enterprise security review.

Per-step fail-closed gating, server-side tenant isolation, durable execution with a dead-letter queue, and a full audit trail on every trigger and firing — mapped to the frameworks your auditors already use.

SOC 2ISO 27001ISO 42001EU AI ActNIST AI RMFFINRA

Orchestrate agents you can actually trust in production.

Compose multi-agent workflows, trigger them on events or a clock, and run them durably — every step governed, recorded, and replayable.