Retrieval answers questions. The work is in the doing. Praxis lets agents take real, reversible, fully-audited actions across the systems you already run — with a governance gate on every step.
The market converged on copilots that retrieve and summarize. But resolving an incident, issuing a refund, or suspending a compromised account means changing a system of record — and that is exactly where trust, permission, and reversibility have to live.
The agent finds the runbook and drafts a reply. A person still does the work, re-checks permissions, and hopes nothing was missed. Value stops at the suggestion.
The agent proposes a step; Praxis validates it, scopes it to the caller, requires human sign-off on high-risk actions, executes, and can undo it — leaving a verifiable record.
Praxis federates over the systems you run rather than replacing them. Bring your own agents (via MCP or A2A) or use the prebuilt library — every action they take passes the same gate, and is metered, reversible, and signed.
Eleven production connectors (ServiceNow, Jira, Slack, Okta, Salesforce, Zendesk, PagerDuty, and more). Praxis is the action plane across them, not another system of record.
Per-agent identities with delegation; every action is scoped to the intersection of the agent's grant and the user's. RBAC in, segregation-of-duties enforced on approval.
Writes register their compensators; if a later step fails, completed actions are automatically undone. Reversibility is a first-class property, not an afterthought.
Every step is written to a hash-chained ledger. Any later edit or deletion breaks the chain — and a single call proves it. Trust that doesn't depend on trusting the vendor.
Parity is table stakes — Praxis has the conversational front door, the agent control tower, model routing, DLP, and consumption pricing. The difference is in what they can't offer.
The same zero-dependency build runs as SaaS, in your own cloud account, in a partner-managed cloud (e.g. operated for you by Accenture), fully on-prem, or in a sovereign enclave. Deployment is a config choice, not a sales exception.
τ²-bench measures whether the agent succeeds. Nobody measures whether the guardrails do. Praxis publishes Guardrail-Pass^k — reliability of block / approval / SoD / dedup / rollback across repeated runs.
The governance kernel is open and self-hostable. Security teams can read exactly how the gate works rather than taking a datasheet's word for it.
Frontier API or a self-hosted open-weights model behind your firewall — same gate, same audit. No data has to leave the boundary you choose.
A fixed platform subscription with a generous bank of included governed actions; consumption beyond that is metered. Enterprise and Sovereign are typically tailored.
Hash-chained, append-only ledger. Independently verifiable; any edit breaks the chain.
PII and secrets are redacted before anything is written to the ledger or sent to a model.
Every run, approval, and audit row is org-scoped; kill-switch and rate caps are per-tenant.
Roles resolve to scopes; agents act under delegated identities bounded by the caller.
Governance is a versioned, git-reviewable document — not clicks in a vendor console.
Designed toward SOC 2 / ISO 27001 / DPDP, and aligned to the EU AI Act control expectations.
We'll run a live incident in your environment, with a high-risk action held for your approval and the whole thing on a verifiable ledger.