Enterprise customers require multi-tenant isolation, per-customer cost caps, audit trails, and a deployment that keeps their data off third-party cloud paths. KDCube enforces all four at the runtime layer — before your agent's first tool call.
You’re a VP Engineering or Head of Platform at a B2B SaaS company with an enterprise deal stuck in security review — because your AI feature can’t prove tenant isolation, per-customer spend caps, or an audit trail. Pass enterprise security review on day one — skip the platform build, close the deal this quarter. Try the compatibility explorer below ↓
Think API gateway + billing system for AI agents — admission control, tenant isolation, and per-turn cost accounting at the runtime boundary. Runs on Docker, PostgreSQL, and Redis. Works with LangGraph, CrewAI, AutoGen, or plain Python.
Deploy anywhere: Docker Compose for local dev, Kubernetes via native Helm charts (EKS, GKE, k3s, k3d, Minikube — 6 charts for ingress, proc, metrics, web-ui, postgres, redis), or AWS ECS/Fargate with reference Terraform.
See the full Kubernetes deployment guide with Helm charts for EKS, GKE, k3s, k3d, and Minikube.
Configure what you need, your team profile, and your budget. Tools re-rank in real time.
KDCube benefits your organization at the operational level — the outcomes that close procurement reviews and enable enterprise deals.
Agent execution is structurally isolated. No outbound network from the Executor. No cross-tenant data access. Every tool call gated through the Supervisor before it reaches any external system.
Timestamped allow/deny log on every agent decision. Full provenance chain from source document to artifact. RBAC with access_denied audit events. HIPAA, GDPR, and SOC 2 controls available.
The ReAct v2 timeline captures every turn event as typed blocks with stable logical paths — creating an immutable, ordered decision log for every conversation. Turn snapshots and versioning make each state recoverable and replayable. Auditors can reconstruct exactly what happened, why the agent took each action, and which sources influenced each response.
Web search results and fetched content enter the per-conversation source pool with stable Source IDs (SIDs), making external research fully traceable and attributable. Injected content that doesn't map to a trusted source is identifiable.
Budget caps enforced before execution at user, project, org, and tenant scope. Pre-computed OPEX aggregates queryable instantly — no log rescans. One platform eliminates per-pipeline SaaS fees.
Hot-loadable agent bundles deploy with no restart required. Ship new workflows, tools, and skills to production without downtime or re-deployment of the platform. Model-agnostic routing. Per-turn feedback signals. The platform provides the enforcement and observability so product teams focus on agent logic — not infrastructure compliance.
Built-in rendering tools generate PDF, DOCX, PPTX, PNG, and HTML artifacts. Agents produce structured documents as first-class outputs without requiring external rendering infrastructure.
In-flight conversations accept follow-up messages via continuation mailbox — users can refine or steer a running request without waiting for completion or losing context.
Platform capabilities mapped to the roles that own the buying decision or the live deployment.
| Capability | 🔐 CISO / Compliance Security & Audit | 💹 CFO Financial Control | 🚀 AI Product Shipping Velocity | ⚙️ IT / Infra Ops & Deployment |
|---|---|---|---|---|
| Multi-tenant isolation (infra-level) | ✅ No cross-tenant data access | ~ Reduces liability exposure | ✅ Safe multi-customer deployments | ✅ Enforced at every layer — no custom middleware |
| Execution Firewall (policy before tool calls) | ✅ Zero outbound from Executor; Supervisor gates all tools | ~ Contains blast radius of agent errors | ✅ Ship agents that pass enterprise security review | ✅ Built-in; no wrapper to build and maintain |
| DLP — PII/PHI detection | 🗺 Roadmap — not yet available | ~ Planned: reduce regulatory fine exposure | ~ Planned for healthcare/finance verticals | ~ Configurable detection patterns (planned) |
| Timestamped audit trail (allow/deny log) | ✅ Every decision logged; RBAC denial events | ~ Evidence for audit-driven risk review | ~ Debug agent decision paths | ~ Incident investigation |
| Citations & source provenance | ✅ Every AI claim traceable to source evidence | ~ Reduces risk of unsubstantiated AI outputs | ✅ Enterprise trust in AI-generated answers | — Not a primary infra concern |
| Self-hosted deployment (no SaaS data path) | ✅ No vendor data retention; VPC-only data path | ✅ Infrastructure cost only; no per-seat SaaS fee | ~ Satisfies enterprise customer requirement | ✅ Full stack control; auditable images. Four paths: platform dev mode (services on host, infra elsewhere); local infra only (Docker Compose for Postgres/Redis/ClamAV, services on host); all-in-one Docker Compose (full stack bootstrapped via kdcube-cli); custom UI + managed infra (custom frontend with externally-managed Postgres/Redis, OpenResty auth templates). |
| Per-customer cost accounting + hard caps | ~ Audit trail on spend commitments | ✅ Hard caps before execution; per-customer billing data | ~ Per-feature cost visibility | ✅ Prevents runaway agent spend |
| Gateway (rate limits + backpressure + circuit breakers) | ~ Protects service availability | ~ Prevents infrastructure cost spikes | ~ SLA protection per customer | ✅ Live-tunable via Redis pub/sub; no restarts |
| MCP + custom tools / skill bundles | ~ Each tool auditable and policy-gated | — Not a primary finance concern | ✅ Extend agents with any tool without platform changes | ✅ Integrate existing internal tooling via MCP |
| Hot-loadable agent bundles (no restarts) | — Not a primary compliance concern | — Not a primary finance concern | ✅ Deploy new behaviors per-tenant without downtime | ✅ Reduces change risk; no rolling restarts for logic updates |
| Monitoring & autoscaling signals | — Not a primary compliance concern | ~ Infrastructure cost optimization | ~ SLA visibility per deployment | ✅ Dedicated metrics service aggregates SSE connection counts, REST latency percentiles (p50/p95/p99), queue depth, and pool utilization. Pre-built autoscaling signals require no custom instrumentation. |
KDCube is purpose-built for teams running multi-tenant AI agents in production. It is explicitly not the right fit for every project.
If you're delivering applications that don't involve agent orchestration, isolated tenants, or LLM pipelines, KDCube's scope exceeds what you need. Pick a lighter tool matched to your actual problem.
KDCube is built for teams that need data residency controls, audit trails, and traceable operation logs. If compliance sign-off, production-grade admission control, and per-turn provenance tracking are not on your roadmap, the platform adds overhead without benefit.
Deploy runtime controls in under an hour. Review the code, run it in your environment, and evaluate the enforcement layer directly.