Open Source · Apache-2.0 · Alpha v0.2.0

Governance
you can prove.

Agents are easy to guard and hard to prove. Qortara turns governed agent activity into tamper-evident logs and human-oversight records, designed to map to EU AI Act Article 12 and Article 14, and generated from what your agents actually did.

Qortara produces conformance evidence, not a compliance determination. Using Qortara does not guarantee compliance with any framework; your auditor or counsel decides whether it satisfies your obligations.

Fleet_Registry_V1

[01:23:45] agent_42 policy_eval policy=data_egress decision=ALLOW 12ms

[01:23:46] agent_17 saga_step action=db_write status=PENDING_VERIFY

[01:23:46] agent_17 saga_step action=db_write status=VERIFIED 47ms

[01:23:47] agent_89 trust_lookup org=acme.io score=0.94 fresh=12m

[01:23:47] compliance_scan framework=SOC2 tenant=... PASS

* Illustrative only. Live fleet telemetry is part of the pre-launch Cloud Governance dashboard.

Controlled, verifiable agent evolution

The foundation governs the action. Qortara governs how your agents evolve.

Qortara governs how agent memory becomes behavior, and how behavior earns authority. AGT enforces the action now; Qortara decides whether the learned state behind it earned its influence and authority, then delivers that operated and accountable.

Governs how agents evolve

Qortara

Qortara governs how agent memory becomes behavior, and how behavior earns authority: controlled, verifiable agent evolution through governed adaptive-state transitions. Adaptation does not imply authority; memory does not imply procedure; procedure does not imply permission. Native to Qortara, and delivered operated and accountable.

Adaptation is not authority · memory is not procedure · procedure is not permission

Conformance packs · EU AI Act Article 12 & 14

The proof the regulation asks for.

Each conformance pack maps a regulatory obligation to evidence Qortara generates from real agent execution. Model-governance and GRC tools document your models and your paperwork; they do not see what an autonomous agent does at runtime. Qortara does, at the dispatch path.

Article 12

Record-keeping

High-risk systems must keep automatic, tamper-evident logs of activity for traceability. Qortara captures each governed tool call from real execution, designed to map to that logging requirement.

Article 14

Human oversight

High-risk systems must let people interpret, intervene, and stop. Qortara records oversight and intervention events as evidence you can present toward an Article 14 assessment.

Qortara produces conformance evidence, not a compliance determination. Using Qortara does not guarantee compliance with any framework; your auditor or counsel decides whether it satisfies your obligations. The EU AI Act's high-risk obligations are phasing in and timelines remain subject to pending EU amendment. As of June 2026.

Qortara Governance · v0.2.0 · Alpha · Apache-2.0

Free evidence capture, powered by AGT.

Qortara Governance runs as a sidecar across your agent frameworks, with LangChain and LangGraph supported today. Enforcement is handled by the Microsoft Agent Governance Toolkit (AGT, MIT licensed); Qortara captures the tamper-evident evidence of what was governed. Open source, available today.

Qortara is an independent project and is not affiliated with, endorsed by, or sponsored by Microsoft. AGT is used as an open-source (MIT) dependency.

pip install qortara-governance-langchain

With LangGraph:

pip install 'qortara-governance-langchain[langgraph]'

Compliance evidence for

SOC 2 ·GDPR ·EU AI Act ·NIST AI RMF

Qortara Cloud Governance is being built to turn governed agent activity into evidence mapped to these frameworks, including EU AI Act Article 12 and 14, exportable for your auditors. Pre-launch.

Using Qortara does not guarantee compliance with any framework. Consult your auditor or legal counsel.

Roadmap

What is shipped, and what is coming

The open-source dispatch enforcement and the trust-attestation lifecycle are available today. Qortara Cloud Governance is in pre-launch hardening. The cross-org Trust Mesh is planned.

Available now
  • Dispatch-path policy enforcement

    Every tool call in an instrumented LangChain or LangGraph agent is evaluated before it runs, closing the native-tool-calling bypass that wrapper-based governance misses. Open source.

  • Portable trust attestations

    Mint a Qortara-signed attestation for an agent, look it up across organizations by agent identifier, and verify it with Ed25519. Metered per lookup.

Pre-launch
  • Runtime Cedar policy enforcement

    Centralized policy decisions with deny-default on evaluator error.

  • Cryptographic audit ledger

    Hash-chained, tamper-evident audit history with signed, exportable evidence.

  • Saga step verification

    Multi-step workflows held in pending-verify until confirmed, with mismatches raised as incidents.

  • Fleet governance visibility

    Aggregated view of agents, policies, and decisions across services.

  • Webhook delivery

    HMAC-signed event delivery to your SIEM, SOAR, or ticketing system, with retry.

  • Compliance evidence

    SOC 2, GDPR, EU AI Act, and NIST AI RMF evidence generated from the execution path.

Planned
  • Cross-org Trust Mesh

    The bilateral federation operator and protocol that carries portable trust across independent organizations. Spec in progress.

  • Published conformance matrix

    A public bypass-test and fail-closed proof matrix you can verify Qortara against.

Further reading on federated agent trust

The Qortara Product Family

Two products, one brand. Start free with the open-source sidecar that captures evidence, powered by AGT. The hosted plane turns that evidence into audit-ready conformance, so graduating is a connection, not a rewrite.

01

Qortara Governance

Free Developer tier · open-source sidecar

Runs as a sidecar across your agent frameworks, with LangChain and LangGraph supported today. Enforcement is handled by the Agent Governance Toolkit (AGT); Qortara captures the evidence of what was governed. Available today.

v0.2.0 · Apache-2.0

Explore the Developer tier
02

Qortara Cloud Governance

Hosted SaaS · pre-launch

The operated product: controlled, verifiable agent evolution, plus the governance stack and conformance evidence run for you and kept accountable across your estate. Designed to interoperate with emerging open agent-trust standards (planned).

Pre-launch · design-partner pilots

Request beta access

What Qortara Governs and Operates

One capability is Qortara's own. The rest is the governance stack it operates for you. The open-source pieces ship today; the operated Cloud is pre-launch.

Native to QortaraPre-launch

Controlled Agent Evolution

Govern how your agents' learned state earns durability and authority, controlled and verifiable. This is Qortara's own. AGT decides whether an action may execute now; Qortara governs whether a learned state has earned the authority to influence it.

  • Adaptation is not authority
  • Memory is not procedure
  • Procedure is not permission
Available today
02Available

Trust Attestation Lookups

Mint a Qortara-signed attestation for an agent, look it up across organizations by identifier, and verify it with Ed25519.

03Available

Agent Activity Evidence

The open-source sidecar records every governed tool call from real execution at the dispatch path, the evidence the rest builds on.

With Qortara Cloud, pre-launch
04Pre-launch

Operated Governance Stack

Qortara Cloud runs the AGT governance stack for you: enforcement, identity, tamper-evident audit, saga, and fleet view, operated and accountable.

05Pre-launch

EU AI Act Conformance Evidence

Article 12 logging and Article 14 human-oversight records assembled into evidence you can present toward an assessment. Conformance evidence, not a compliance guarantee.

06Pre-launch

Event Delivery to Your Tooling

Signed event delivery into your SIEM, SOAR, or ticketing system, with retry. Your existing tooling, your governance signal.

Security by design

Built to fail closed.

Governance is only worth as much as the guarantees underneath it. These are the security properties designed in from the start, not bolted on later.

The default answer

Fail-closed by design

If the policy engine cannot reach a decision, the answer is no. A denied call never slips through as an allow, and uncertainty is never resolved in the agent's favor.

policy.engine → unreachable

decision: DENY

reason: evaluator_unreachable

Tamper-evident audit ledger

Every decision is written to an append-only, hash-chained ledger, so you can tell if a record was ever altered.

Per-tenant isolation

Each tenant's data is fenced off at the database level, not just in application code.

Verifiable agent identity

Registered agents carry signed, verifiable credentials, so you always know which agent acted.

Origin-locked edge

Traffic is pinned to a hardened edge. The raw origin is not reachable on its own.

Fail-closed behavior you can verify today in the open-source sidecar, which runs entirely inside your own environment. The full property set above describes the architecture of Qortara Cloud Governance, in pre-launch hardening.

Prove your agents are governed.

Start capturing evidence today with the free, open-source Developer tier. EU AI Act Article 12 and 14 conformance packs are part of the pre-launch Qortara Cloud Governance plane; request beta access for design-partner pilots.

Qortara produces conformance evidence, not a compliance determination. Using Qortara does not guarantee compliance with any framework; your auditor or counsel decides whether it satisfies your obligations.

Extends the open-source

Microsoft Agent Governance Toolkit

Compatible with LangChain, CrewAI, AutoGen, OpenAI Agents, Google ADK, and any AGT-supported framework. Built on top of AGT, never a fork. We track Microsoft’s upstream releases to maintain compatibility.