Three plans, one runtime. Every tier ships the full fail-closed gate chain, cost caps, and the tamper-evident Trust Ledger — so you scale agents on a price you set and an audit trail you can hand a regulator.
Governance runtime included on every plan · Hard caps fail-closed at 100% (402)
Cost Governance
$7,820
of $10,000 · 30-day cap
Hours saved
1,240h
Cost avoided
$312,000
budget ▸ hard cap blocks runs at 100% (402)
Plans
Pick the plan that fits your fleet.
Team and Scale are per-seat with a pooled monthly run allowance. Enterprise is sized to your agent fleet, environments, and support tier — talk to sales.
Team
$2,400/ mo
For teams putting their first governed agents into production.
Prices billed annually, exclusive of tax. Run allowances pool across seats; overage billed per run or upgrade anytime.
What's always included
Governance isn't a line item. It's the runtime.
On most platforms, controls are an enterprise upsell. On Cortex, you cannot run an agent without the full gate chain — on every plan, including Team. You pay for governed compute, never for the ability to govern it.
Every run passes 8 gates: identity → budget → guardrails → registry → control-tower → policy → execute → audit
Hard cost caps fail-closed at 100% — a runaway agent is blocked with a 402 before spend
Out-of-policy actions return 403; conflicting writes return 409 — deny is the default
Every outcome lands in a tamper-evident ledger (hashOk:false flags any edit)
The platform doesn't get crippled on lower tiers. Build, govern, and observe are present everywhere — plan size scales volume, retention, deployment, and support.
Build
No-code Agent Studio
Behavior & guardrails
Knowledge & RAG
Solution Pack install
Govern
8-gate fail-closed chain
Agent IAM
Cost caps (402)
Policy-as-Code (403)
Oversight & kill switch
Observe
Run monitoring
AI insights
Tamper-evident ledger
Signed outcome receipts
Compare plans
Every feature, side by side.
The governance runtime is identical across plans — what scales is volume, observability depth, deployment model, and support.
Feature
Team
Scale
Most chosen
Enterprise
Governance runtime (included in every plan)
Fail-closed gate chain (8 gates)
Agent IAM & scoped credentials
Cost caps & hard budgets (402)
Guardrails & DLP
Tamper-evident Trust Ledger
Oversight modes & kill switch
Build & automate
No-code Agent Studio
Workflows & automations (ECA)
Up to 10
Unlimited
Unlimited
Pooled agent runs / month
25k
250k
Custom
Signed Solution Packs
Install
Install + author
Install + author
Observe & prove
Monitoring & AI insights
Evaluation & simulation lab
Reliability score & agent debugger
Ledger retention
90 days
1 year
Custom
Deployment & support
Multi-tenant SaaS
VPC / on-premise / air-gapped
SSO / SCIM & custom RBAC
SSO
Support
Email
Priority + SLA
24/7 + SA
Security-review concierge
What you pay for
A run is a governed invocation — executed, held, or blocked.
You pay for governed compute, not just successful output. Held and blocked attempts still produce a ledger entry — that's the point.
Executed
Executed
Passed all 8 gates, acted, and wrote a signed receipt to the ledger.
Hold
Held
Stopped at an oversight gate for human approval — recorded, replayable, awaiting sign-off.
Blocked
Blocked
Denied at a gate — 402 over budget, 403 out of policy, 409 on conflict.
Pricing FAQ
Answers before you talk to sales.
How is Cortex AI OS priced?
Three plans. Team and Scale are per-seat with a pooled monthly agent-run allowance; Enterprise is a custom contract sized to your agent fleet, environments, and support tier. Every plan includes the full governance runtime — identity, budget, guardrails, policy, oversight, and the Trust Ledger — at no extra charge.
Is governance an add-on or extra cost?
Governance is never an add-on. The fail-closed gate chain — Agent IAM, cost caps, guardrails, the Action Fabric registry, Control Tower, policy-as-code, oversight modes, and the tamper-evident audit ledger — is included in every plan, including Team. You cannot run an agent on Cortex without it.
What counts as an agent run?
A run is one governed agent invocation that passes through the gate chain and produces a ledger entry — whether it executes, is held for human approval, or is blocked (402/403/409). Held and blocked attempts still count toward observability but are billed at the same rate; you are paying for governed compute, not just successful output.
How do cost caps and budgets work?
Every workspace, agent, and model carries a spend budget. Soft caps warn and route to a cheaper model; hard caps fail-closed at 100% and block the run with a 402 before any spend occurs. You set the ceiling — Cortex enforces it on every run, so a runaway agent can never exceed budget.
Can I deploy on-premise or in an air-gapped environment?
Yes. Enterprise supports single-tenant, VPC, on-premise, and air-gapped deployments. Signed Solution Packs verify by hash and signature offline, so you can install governed solutions into environments with no outbound connectivity.
What support and SLAs are included?
Team includes community and email support. Scale adds priority support, a named technical contact, and an uptime SLA. Enterprise adds 24/7 support, a dedicated solutions architect, custom SLAs, and a security-review concierge for your auditors.
Do you offer a trial or proof of value?
Yes. We run a scoped proof of value on your own use case — typically a governed Solution Pack against your data — so you can verify run quality, citation coverage, and the audit trail before you commit. Book a demo to scope it.
Which compliance frameworks is Cortex aligned with?
Cortex is built for and aligned with SOC 2, ISO 27001, ISO 42001, HIPAA, GDPR, the EU AI Act, NIST AI RMF, and FINRA. We are not making certification claims on this page — visit the Trust Center for the current attestation status and security documentation.
“We budgeted for a governance project on top of the platform cost. With Cortex there wasn't one — the controls our auditors wanted shipped on day one, on the plan we already had.”