Verified release infrastructure

Verification before autonomous action becomes operational.

TaskHawk builds standards-driven verified release infrastructure for enterprise and regulated environments. Kevros checks protected autonomous actions before execution, returns signed ALLOW, CONSTRAIN, or DENY decisions, and records hash-chained evidence for independent review.

  • Public AWS Marketplace container offer
  • Amazon Bedrock AgentCore, ECS, and EKS delivery
  • Six-layer formal verification program
  • Fail-closed evidence gateway
Buyer next step

Use this page to decide whether a protected action needs a Kevros release boundary.

If your team is evaluating agentic AI, automated spend, privileged tool calls, operational release, or regulated workflow actions, start with a short technical briefing. The useful input is one protected action class, the operating environment, and the consequence if the action is released incorrectly.

Technical briefing request

Email contracts

Submitting prepares a briefing request for TaskHawk. Runtime payloads, customer operational data, credentials, and controlled documents should not be included in this form.

Operating problem

Identity, logging, workflow automation, and model policy remain necessary. They do not, by themselves, decide whether a proposed autonomous action may be released.

Release boundary

Kevros adds a checked release point where a proposed action becomes operational.

Before action The request is evaluated against policy, freshness, replay risk, requester authority, and operating constraints before the protected boundary opens.
At decision Kevros returns a signed decision class: ALLOW, CONSTRAIN, or DENY. Invalid, ambiguous, stale, or out-of-policy requests stay closed.
Afterward The decision is recorded as verifier-facing evidence, including release-token metadata and hash-chain position for review.
AWS deployment path

Procure Kevros as a public AWS Marketplace container product.

Procurement options

Choose the current Free Trial, Starter, Professional, or Enterprise contract option in the AWS Marketplace procurement interface.

View AWS procurement options

Deployment path

The public offer supports container deployment for Amazon ECS, Amazon EKS, ECS Anywhere, EKS Anywhere, and Amazon Bedrock AgentCore A2A and MCP delivery options.

Review integration notes

Product details

Review the AWS listing for the current version, delivery options, usage instructions, support terms, and legal materials.

Review AWS listing

AWS Marketplace availability is a procurement route. It should not be read as a customer endorsement, revenue claim, standards-body approval, or third-party certification.

Procurement options

Start from the tier that matches the protected boundary.

Marketplace option Best first use Procurement action
Free Trial Evaluation of release-token behavior, evidence records, and deployment path. Select in AWS Marketplace
Starter Production entry point for a narrow protected action class. Select in AWS Marketplace
Professional Higher-volume governance calls with additional evidence and monitoring needs. Select in AWS Marketplace
Enterprise Fleet-level governance, certifier-grade evidence bundles, and regulated review workflows. Select in AWS Marketplace

Current pricing, term length, discounts, tax treatment, financing availability, and AWS infrastructure charges are displayed and controlled in AWS Marketplace.

Standards-governed posture

Designed for reviewers who need evidence before consequence.

Formal verification

Six independent verification layers support the release-boundary claim, including model checking, SMT proofs, bounded checks, runtime assertions, golden vectors, and Lean theorem work.

Verifier-facing record

Compliance-aligned evidence

Hash-chained records, signed release tokens, and evidence bundles are designed to support governance reviews without replacing the buyer's compliance program.

Review support

Fail-closed operations

Protected actions do not become permitted because a verifier is stale, ambiguous, unreachable, or missing required context.

Operational boundary
Boundary classes

Start with one action class, prove failure behavior, then expand.

Boundary Verification question Evidence output
Machine spend Was this requester cleared for this value, budget, context, and time window? Signed release decision plus budget-bound request record.
Tool invocation May this agent call the protected tool with the supplied payload? Decision class, release token, verification id, and audit metadata.
Privileged mutation May this software change production state under current policy? Hash-chained decision record tied to request and operating context.
Disclosure or release May the proposed data, artifact, message, or command cross the protected boundary? Reviewer-facing allow, constrain, or deny evidence.
Production next step

Use AWS Marketplace when procurement is ready. Use a briefing when the boundary needs review.

Procure Kevros

Open AWS Marketplace procurement options and select the current contract tier.

Review Kevros and procurement options

Scope a protected boundary

Select one action class, operating environment, reviewer, and failure behavior for technical review.

Request technical briefing

Check public status

Review public gateway status and payment-route metadata as discovery evidence, not settlement or revenue evidence.

View governance status