For security, risk & compliance

Adopt AI agents your auditors will sign off on.

Runback gives risk and platform teams a system of record for every agent decision — reproduce any incident, gate every release against policy, and keep the evidence. None of it has to leave your perimeter.

Maps to controls in APRA CPS 230, the EU AI Act and SR 11-7.
Example trace: support-agent · refund · blocked at gate

Policy gate · issue_refund — blocked
  • amount: $250
  • rule: no_refund_over_100
  • blocked call: issue_refund({ amount: 250, customer_id: 8842 })

The release gate blocked this: a $250 refund on a disputed charge breaks two policies (the triggering rule shown is no_refund_over_100). It was caught in the eval and never reached the customer or the ledger.
Why this isn't another observability tool

Logs let you read what happened. Runback lets you reproduce and prove it.

Observability platforms show you a trace. They can't re-run the decision, can't block a release, and can't hand your auditor a reproducible record. That combination — fidelity, control, and evidence, framework-agnostic — is the part that's hard to copy.

Read-only observability

  • Shows a trace you can read, after the fact
  • No way to reproduce the exact decision
  • Can't block a release that breaks policy
  • Typically SaaS-only — your prompts and data leave your perimeter

Runback

  • Replay any step exactly — or edited — to reproduce an incident
  • Gate every release against policy as an eval
  • A replayable, audit-ready record of every decision
  • Self-host — redaction in-process, data never leaves
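
What "gate every release against policy as an eval" looks like in practice, using the refund scenario from the demo above. This is an added example written for this page, not Runback's SDK: the class names, the scorer signature, the second rule (no_refund_on_disputed_charge, which the page mentions but does not name) and the recorded dataset are all assumptions. Each scorer inspects one recorded run and returns a list of violations; the gate fails the release if any run in the dataset produces one. The edited replay shows the same gate answering "would this have passed at $90?" without re-running the agent.

```python
from dataclasses import dataclass, field, replace
from typing import Callable

# Added example: a release gate as an eval over recorded runs (dataset + scorers).
# Not Runback's SDK; the names and data below are assumed for illustration.


@dataclass
class ToolCall:
    name: str
    args: dict


@dataclass
class Run:
    run_id: str
    steps: tuple      # recorded tool calls, in order
    context: dict     # constructed facts known when the run happened


# A scorer inspects one recorded run and returns its violations
# (an empty list means the run is clean under that rule).
Scorer = Callable[[Run], list[str]]


def no_refund_over_100(run: Run) -> list[str]:
    """Rule from the demo: the agent must not issue refunds above $100."""
    return [
        f"issue_refund of ${c.args['amount']} exceeds 100"
        for c in run.steps
        if c.name == "issue_refund" and c.args.get("amount", 0) > 100
    ]


def no_refund_on_disputed_charge(run: Run) -> list[str]:
    """Assumed second rule (the page names only the first): no agent-issued
    refund while the charge is under dispute."""
    if not run.context.get("charge_disputed"):
        return []
    return ["issue_refund while charge is disputed"
            for c in run.steps if c.name == "issue_refund"]


SCORERS: dict[str, Scorer] = {
    "no_refund_over_100": no_refund_over_100,
    "no_refund_on_disputed_charge": no_refund_on_disputed_charge,
}


@dataclass
class GateResult:
    passed: bool
    violations: list = field(default_factory=list)  # (run_id, rule, detail)


def run_gate(dataset: list, scorers: dict) -> GateResult:
    """Score every recorded run against every rule; a single violation fails the release."""
    violations = [
        (run.run_id, rule, detail)
        for run in dataset
        for rule, scorer in scorers.items()
        for detail in scorer(run)
    ]
    return GateResult(passed=not violations, violations=violations)


def replay_edited(run: Run, step: int, **new_args) -> Run:
    """Return a copy of a recorded run with one step's arguments edited, so the
    gate can be re-evaluated on a counterfactual without touching the original."""
    steps = list(run.steps)
    steps[step] = replace(steps[step], args={**steps[step].args, **new_args})
    return replace(run, run_id=f"{run.run_id}#edited", steps=tuple(steps))


# Constructed dataset: the demo's blocked run plus one clean run.
DATASET = [
    Run(
        run_id="support-agent/refund/8842",
        steps=(
            ToolCall("lookup_charge", {"customer_id": 8842}),
            ToolCall("issue_refund", {"amount": 250, "customer_id": 8842}),
        ),
        context={"charge_disputed": True},
    ),
    Run(
        run_id="support-agent/refund/9001",
        steps=(ToolCall("issue_refund", {"amount": 40, "customer_id": 9001}),),
        context={"charge_disputed": False},
    ),
]

if __name__ == "__main__":
    result = run_gate(DATASET, SCORERS)
    print("release gate:", "PASS" if result.passed else "FAIL")
    for run_id, rule, detail in result.violations:
        print(f"  {run_id}: {rule}: {detail}")
```

Scorers are kept pure (run in, violations out) so the same rule can be applied to a stored trace, to a replay, or to a whole dataset in CI; the gate itself only aggregates, which is what makes the result reproducible from the record alone.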

Data perimeter

Your traces. Your keys. Your building.

Agent traces carry your prompts, your customer data, and your IP. Nothing about getting governance should force that out of your control.

Self-host in your VPC

Runback is a Next.js app and a Postgres database. Run the whole thing inside your own cloud — traces are written to a store you own and never touch our servers.

Redaction before it leaves the process

Keys, tokens, emails, card numbers, SSNs — scrubbed inside your application process, before a trace is sent anywhere. Even your own backend never sees them. Pattern-based scrubbing only catches what its rules describe, so treat the defaults as a floor and add patterns for your own identifier formats.
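
To make the in-process approach concrete, here is an added example of a redaction pass applied to a trace event before it is emitted. It is written for this page and is not Runback's SDK: the pattern set, the sensitive-key list and the constructed trace event are assumptions. It redacts by field name (an Authorization header is scrubbed whatever it contains), then by pattern inside free text, and it applies a Luhn check before treating a digit run as a card number so that order ids and timestamps stay readable.

```python
import re
from typing import Any

# Added example: scrub secrets and PII from a trace event inside the application
# process, before anything is sent. Patterns and key names are illustrative
# assumptions, not Runback's SDK configuration.

# Any field with one of these names is redacted wholesale, regardless of value.
SENSITIVE_KEYS = {"authorization", "api_key", "password", "secret", "token"}

# Ordered: bearer tokens first, because a token can contain digit runs that
# would otherwise be mistaken for a card number.
PATTERNS = [
    ("bearer", re.compile(r"(?i)\bBearer\s+[A-Za-z0-9\-._~+/]+=*")),
    ("aws_key", re.compile(r"\bAKIA[0-9A-Z]{16}\b")),
    ("api_key", re.compile(r"\bsk-[A-Za-z0-9]{20,}\b")),
    ("ssn", re.compile(r"\b\d{3}-\d{2}-\d{4}\b")),
    ("email", re.compile(r"\b[\w.+-]+@[\w-]+(?:\.[\w-]+)+\b")),
    ("card", re.compile(r"\b\d(?:[ -]?\d){12,18}\b")),  # 13-19 digits, Luhn-checked below
]


def luhn_ok(number: str) -> bool:
    """Luhn checksum over the digits of a candidate card number."""
    digits = [int(c) for c in number if c.isdigit()]
    total = 0
    for i, d in enumerate(reversed(digits)):
        if i % 2 == 1:
            d *= 2
            if d > 9:
                d -= 9
        total += d
    return total % 10 == 0


def redact_text(text: str) -> str:
    """Replace every pattern match in a string with a typed placeholder."""
    for kind, pattern in PATTERNS:
        def repl(m, kind=kind):
            # A digit run that fails Luhn is left alone (order ids, timestamps).
            if kind == "card" and not luhn_ok(m.group(0)):
                return m.group(0)
            return f"[REDACTED:{kind}]"
        text = pattern.sub(repl, text)
    return text


def redact(value: Any) -> Any:
    """Walk a trace event (dicts, lists, strings) and return a scrubbed copy."""
    if isinstance(value, dict):
        return {
            k: f"[REDACTED:{k.lower()}]" if k.lower() in SENSITIVE_KEYS else redact(v)
            for k, v in value.items()
        }
    if isinstance(value, list):
        return [redact(v) for v in value]
    if isinstance(value, str):
        return redact_text(value)
    return value  # numbers, booleans, None pass through unchanged


# Constructed trace event for illustration; the values are not real.
SAMPLE_EVENT = {
    "tool": "issue_refund",
    "args": {"amount": 250, "customer_id": 8842},
    "headers": {"Authorization": "Bearer not-a-real-token"},
    "log": "GET /v1/x Authorization: Bearer eyJhbGciOi.payload.sig 200",
    "prompt": ("Customer jane@example.com, card 4111 1111 1111 1111, "
               "SSN 123-45-6789, order 1234567890123456, key AKIAIOSFODNN7EXAMPLE"),
}

if __name__ == "__main__":
    import json
    print(json.dumps(redact(SAMPLE_EVENT), indent=2))
```

Run the scrub on every event at the point of capture, not at the collector: the goal the section describes is that nothing downstream, including your own backend, ever holds the raw value.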

Your store, your retention

Point Runback at Postgres you control. You set retention, you set access, you delete a run and it's gone. No third-party copy of your evidence.

Open, not locked-in

Open-source SDK, OpenTelemetry ingest, a documented flat event schema. Your audit history is yours to export and keep.

Speaks your risk team's language

Evidence for the controls you answer to.

Runback produces the observability, reproducibility, and audit records these regimes expect of AI systems. It supports your controls — it is not, by itself, a compliance certificate.

APRA CPS 230

Operational risk, continuous monitoring, and incident management for critical operations — now including the agents inside them.

EU AI Act

Logging, traceability, record-keeping, and human-oversight duties for higher-risk AI systems.

SR 11-7 / model risk

Validation, ongoing monitoring, and a defensible record of how a model-driven decision was reached.

Where things stand

Honest about today vs. the roadmap.

We'd rather you trust the list than be surprised in a security review.

Available today

  • Self-host (Next.js + Postgres) in your own cloud
  • In-process secret & PII redaction (configurable)
  • Full-fidelity step replay & incident reproduction
  • Policy gates via evals (datasets + scorers)
  • Bring-your-own Postgres / Supabase · scoped API keys
  • Open-source SDK & OpenTelemetry ingestion

On the roadmap

  • Audit export (signed, immutable incident records)
  • RBAC + SSO (SAML / OIDC)
  • Retention policies & legal hold
  • CI release gate (fail the build on regression)
  • SOC 2 Type II · data-residency regions

Bring agents into production without losing the audit.

Self-host with the open-source code and redaction on from day one. Tell us which controls gate your rollout and we'll prioritize with you.