Live command center

One screen to pause, gate, and kill your AI agents.

The Control Tower is air-traffic control for your agent fleet — a tenant-wide view of every run, spend, and tool, with operator controls that the runtime actually enforces. Pause a misbehaving agent and its next run is refused 409 AGENT_PAUSED, before any model is called.

Admin-only · tenant-scoped · fail-closed enforcement

Control Tower
pause all disable tool export report kill switch armed
Fraud Triage$0.018 · 1.2sExecuted
Payout Approver$0.041 · pendingHold
Return Reviewer$0.009 · 0.8sExecuted
KYC Screenermodel not allowedBlocked
trust-ledger ▸ 1,284,902 actions recorded today
The problem

When an agent goes wrong, minutes matter.

A misbehaving agent can burn budget, call the wrong tool, or take real action across thousands of runs while you scramble for a console. Without one place to see the whole fleet and a switch that actually stops it, governance is a dashboard you read after the incident — not a control you act through during it.

Pause is enforced in the runtime, not the UI — a paused agent’s next run is rejected409 AGENT_PAUSED
How it works

See everything. Stop anything. Prove all of it.

The Control Tower aggregates live state across your Cortex services into one admin-only, tenant-scoped view — and turns it into controls the runtime obeys.

  1. 01

    Live aggregation

    One per-tenant view of agents (by status, paused), runs (total · failed · last-24h), spend (all-time · 30-day · by model), tools (calls · failures · disabled), active controls, and recent audit + policy denials.

  2. 02

    Operator controls

    Pause or resume any agent, and disable or enable any tool — one click. Controls write to cortex_runtime_controls and take effect on the very next run.

  3. 03

    Governance report

    Export the whole overview as a CSV governance report — the one-click artifact you hand a regulator, auditor, or your own risk committee.

Controls the runtime enforces

A pause that actually pauses. A kill switch that actually kills.

These are not UI toggles. Pausing an agent refuses its next run with 409 AGENT_PAUSED; disabling a tool drops it from the agent's toolset so it can never be called. Enforcement lives in runtime.service.ts run() — the same fail-closed path every governed run already takes.

  • Pause / resume any agent — refused 409 AGENT_PAUSED while held
  • Disable / enable any tool — disabled tools are dropped from the toolset
  • Every control change is admin-only and recorded in the audit log
Agents · pause / resume
Fraud Triage409 AGENT_PAUSEDPaused
Payout Approverruns allowedRunning
KYC Screenerruns allowedRunning
Tools · disable / enable
wire.transferdropped from toolsetDisabled
kb.searchavailableEnabled
case.closeavailableEnabled
control-tower ▸ controls enforced in the runtime, not the UI
Prove it — don't just claim it

The demo you can run yourself.

Pause Fraud Triage in the Control Tower, then trigger a new run for the same agent. The runtime refuses it before identity, budget, or model — a deny you can see in the response and in the ledger.

Control Tower · after pause
pause all disable tool export report kill switch armed
Fraud Triagepaused · investigationBlocked
Payout Approver$0.041 · pendingHold
Return Reviewer$0.009 · 0.8sExecuted
KYC Screener$0.012 · 1.1sExecuted
trust-ledger ▸ 1,284,902 actions recorded today
Pause → re-run is refused409
Fraud TriagePaused by operator
POST /control-tower/agents/pause
  → { agentId, reason: "investigation" }

POST /v1/runs   # new run for the same agent
  ← 409 AGENT_PAUSED
     blocked before identity, budget, or model call
Resume restores the agent; every pause/resume lands in the audit log
Access control

Powerful by design, locked down by default.

Every Control Tower endpoint requires a platform-admin session, resolved server-side via auth-service. The tenant is taken from the authenticated principal — never the request body — so a mismatched tenantId is rejected 403.

No session401

Unauthenticated callers are rejected before any aggregation runs.

Non-admin403

Operators and read-only roles can view runs but cannot pause, disable, or export.

Platform admin200

Owner / admin / superadmin (or controltower.admin permission) get the full command center.

Works with the whole runtime

The Control Tower sits on top of every gate.

It aggregates and acts on the same governed services your agents already run through — so what you pause, audit, and report on is the real thing.

Agent IAM
  • Agents as governed identities
  • Owner · risk tier · expiry
  • Pause respects identity scope
Trust Ledger
  • Every pause/resume recorded
  • Hash-chained, tamper-evident
  • Governance report exports
Cost Governance
  • Live spend by model
  • 30-day budgets · hard caps
  • Surfaced in the overview
Security & compliance

Built for the enterprise security review.

Admin-only access, server-side tenant isolation, fail-closed enforcement, and a full audit trail on every control — mapped to the frameworks your auditors already use.

SOC 2ISO 27001ISO 42001EU AI ActNIST AI RMFFINRA

Put your agents under air-traffic control.

See every run, stop anything in one click, and export the proof — from one admin-only command center.