Skip to content
Agentic Control Plane

Trust & security

ACP sits in your agents’ runtime call path. That’s the whole point — and it’s also exactly why you should ask hard questions before routing production through anyone, including us. This page answers the five we’d ask.


1. What ACP sees and stores

By default, we store metadata, not payloads.

Every governed call writes an audit record: tool name, the acting identity, the policy decision (allow / redact / deny and which rule), timestamp, latency, token counts, and metered cost. That is the default record — request and response content is processed in memory to execute the call and is not stored.

  • Payload capture is off by default and opt-in per workspace. If you enable trace capture, input/output previews are stored truncated (1,500 characters) — and PII detected in content is redacted before anything is written, not after.
  • Your connected credentials (OAuth tokens for GitHub, Slack, etc.) are encrypted with AES-256-GCM under KMS-managed keys, stored per user, per workspace.
  • We never train models on your data, and never share it for training. Full detail in the Privacy Policy.
  • Retention follows your plan (30 days on Free, 90 on Pro, 1 year on Team, custom on Enterprise), and you can export your logs as CSV anytime.

The short version: we designed ACP so that trusting us requires trusting us with as little as possible. Deny-by-default applies to our own data handling, not just your agents.

2. What happens if we disappear

The uncomfortable question about any young vendor — so we answered it with architecture instead of promises:

  • The enforcement layer is open source. The governance modules (identity, policy, limits, redaction, audit) are MIT-licensed npm packages. They run in your infrastructure, with or without us.
  • Self-hosting is a supported path, not an enterprise upsell.
  • Your audit data is exportable (CSV today, API always).

If we vanished tomorrow, your control plane keeps running and your data comes with you. Very few vendors in this category can say that; it’s the reason we built on open source.

3. Is anyone actually using this?

Yes — starting with us, on purpose. Our own production agents route every tool and model call through ACP. The counter on the homepage is fed by real governed traffic, ours included. We publish what we learn from running it — including a teardown of 201,377 of our own governed calls, what 210,000 calls actually cost, and the loop tax it exposed. We’d rather show you our audit trail than a logo wall we haven’t earned yet.

4. Security posture — what’s true today

What we do:

  • Deny-by-default enforcement on every governed call, scoped to the acting user’s identity.
  • Encryption in transit (TLS) and at rest (Google Cloud infrastructure, us-central1); application-level AES-256-GCM for stored credentials.
  • No passwords stored — authentication is delegated to Firebase Auth / your identity provider.
  • Privacy-first analytics (self-hosted Plausible — no cookies, no cross-site tracking) on our own sites.
  • Secret-scanning gates on our own code, and least-privilege keys for our own vendors. We hold ourselves to the model we sell.

What we don’t have yet — said plainly:

  • We are not yet SOC 2 / ISO 27001 / HIPAA certified. Certifications are on the roadmap. What ACP gives you today is the evidence layer those frameworks ask for: identity-attributed logs of every agent action, policy decisions, and redaction findings — audit exports built to serve as evidence in your own certification work.

Found a vulnerability? See /.well-known/security.txt — or email david@reducibl.com. We respond fast and we don’t shoot messengers.

5. Who’s behind this

I’m David — ACP is built by Reducibl. I built it because my own production agents needed it: I wanted to see, control, and price every action they took, and nothing off the shelf sat in the call path and did all three. My agents have run through it ever since — every call on that homepage counter includes mine.

If you’re evaluating ACP for a team, I’ll answer the hard questions directly: book 30 minutes or email david@reducibl.com.


The paper trail: Terms of Service · Privacy Policy · What is an Agentic Control Plane? · Pricing