Frequently asked questions
The questions every buyer asks us before they sign.
How fast is the enforcement layer?
Enforcement decisions complete in under 20ms at p50 and under 30ms at p99 on a local deployment with 10 concurrent connections. Your agent's user-facing latency is dominated by model inference, not Execlave.
Can I run Execlave on my own infrastructure?
Yes. Self-hosted deployment is included on every paid plan and the free tier. You get the same Docker images we run in our cloud, plus a JWT license key. Your data never leaves your network. See the self-hosted page for details.
Which compliance frameworks does Execlave cover?
SOC 2 Type II, ISO 27001, EU AI Act, GDPR, HIPAA, PCI DSS, and NIST AI RMF. Compliance reports are generated from your actual audit log — not from a questionnaire — and map to the specific controls each framework requires (CC6.1, A.9.1, Art. 14, Art. 30, §164.308, etc.).
How is this different from Guardrails / Lakera / Promptfoo?
Those tools focus on input/output validation at the prompt layer. Execlave is the governance layer one level deeper: it sits between the agent and the systems it can act on (tools, APIs, databases, files). Prompt validation catches some attacks; tool-level enforcement catches all of them, plus produces the audit trail your compliance team needs. They are complementary, not competing.
What does it actually cost to switch off Execlave once we're using it?
The Execlave audit chain is the only place where every action your agents took on customer data is recorded in a tamper-proof, auditor-acceptable format. After 90 days of use, removing Execlave doesn't just remove a tool — it removes your compliance evidence. Most customers treat this as a feature. We treat it as honesty.
Who owns my data?
You do. In cloud mode, your data is encrypted at rest, isolated by organization via Postgres Row-Level Security, and never used to train any model. In self-hosted mode, we never see your data — it lives entirely on your infrastructure. We can prove this because the only thing that crosses the boundary in self-hosted mode is a license heartbeat (no customer data, just a fingerprint and a timestamp).
