Vienna OS is an enterprise governance platform for autonomous AI agents. It sits between agent intent and execution, providing policy enforcement, approval workflows, and audit trails.

How does risk tiering work?

Vienna OS classifies actions into T0 (auto-approved), T1 (heuristic log), T2 (human gate), and T3 (strict halt requiring multi-sig) based on risk assessment policies you define.

Does Vienna OS help with regulatory compliance?

Vienna OS provides the audit trail controls, access logging, and policy enforcement that accelerate SOC 2, HIPAA, and EU AI Act compliance. It maps to specific regulatory sections (e.g., SOC 2 CC6.1-CC8.1, HIPAA §164.312).

Vienna OS — Governance Kernel for Autonomous AI

SYSTEM_STATUS: OPERATIONAL

Infrastructure-grade execution control plane. Issue cryptographic warrants for AI agent operations. Immutable audit trails. Zero-trust authorization.

GENERATE_WARRANT →(free trial)VIEW_SPEC

target_p99

<50ms

audit_algo

SHA-256

arch_model

ZeroTrust

Pricing Tier

$0/mo — community edition (5 agents)

view_full_pricing →

EXECUTION_WARRANT

ep_id: EP-OPS-3C19

warrant_serial

WRT-7F3A-82B1-4D9E

auth_status

VERIFIED

risk_tier

T2 (HUMAN_GATE)

issued_at

2026-04-07T14:02:44Z

principal_agent

AGENT_SIGMA_V4

action_scope

DB_SCHEMA_MIGRATION

authorized_by

S. CHEN (VP ENG)

target_env

PRODUCTION_CLUSTER_01

ttl_remaining: 298s● ACTIVE

ai.ventures30+ AI products

risk-ai/regulatoraiOpen Source

BSL-1.1

94+

proposals evaluated

75+

warrants issued

252+

audit events logged

10+

active policies

EXECUTION_PIPELINE

intent → policy → risk tier → proposal → approval → warrant → execute → audit

INTENT_SUBMIT[1/8]

Agent declares intended action

agent → API

✓ DONE

POLICY_EVAL[2/8]

Engine evaluates against policies

11 operators

✓ DONE

RISK_TIER_ROUTE[3/8]

Classify T0-T3, route accordingly

auto | gate | halt

✓ DONE

PROPOSAL_CREATE[4/8]

Generate proposal for approvers

quorum defined

✓ DONE

APPROVAL_GATE[5/8]

Human or policy approves / denies

M-of-N quorum

✓ DONE

WARRANT_ISSUE[6/8]

Cryptographic warrant signed

SHA-256 + TTL

✓ DONE

EXECUTION[7/8]

Agent executes with warrant authority

scoped + bounded

✓ DONE

AUDIT_CHAIN[8/8]

Immutable record written to ledger

HMAC-signed

✓ DONE

FULL_PIPELINE_FLOW

Intent → Policy Eval → Risk Tier → Proposal → Approval → Warrant → Execution → Audit Chain

SYSTEM_ARCHITECTURE

infrastructure-grade governance — every layer purpose-built for autonomous AI operations

ARCHITECTURE_OVERVIEWhover layers for details

AGENT_LAYER

Agent AAgent BAgent N→ submit intents via SDK

Python, Node.js, GitHub Actions, Terraform — any agent submits structured intents

│ REST / WebSocket / SSE │

API_GATEWAY

auth: API key + JWT

rate_limit: per-tenant

protocol: REST + SSE streaming

Multi-tenant isolation, scoped API keys, real-time event streaming for approval workflows

▼

GOVERNANCE
KERNEL

POLICY_ENGINE

11 operators, priority-ordered eval

latency: <50ms p99

RISK_ROUTER

T0-T3 classification, auto-route

auto | gate | halt

WARRANT_AUTHORITY

HMAC-SHA256 signed, TTL-bounded

scope-restricted

▼

EXECUTION
+ AUDIT

●M-of-N approval quorum

●Scoped warrant execution

●Anomaly detection + alerting

●HMAC-signed immutable audit log

PostgreSQL (Neon) data layer with configurable retention, dead letter queue, real-time SSE events

DEPLOY_CLOUD

Vercel + Neon — serverless, zero-ops

DEPLOY_SELF_HOST

Docker Compose — your infra, your data

DEPLOY_HYBRID

Cloud control + on-prem execution

COMPLIANCE_READY

SOC2GDPRISO27001HIPAA

audit trail → compliance mapping

RISK_TIER_MATRIX

classify → route → enforce → verify

AUTO_APPROVE

latency: <5ms

scope: read_only

audit: log_only

POLICY_GATE

max_ttl: 1h

scope: staging

approval: heuristic

HUMAN_GATE

max_ttl: 30m

targets: prod (write)

mode: break-glass

STRICT_HALT

quorum: 3-of-5

scope: destructive

rollback: mandatory

DEPLOYMENTS + USE_CASES

real production deployments — devops | compliance | executive

DEPLOYMENT_CASE_STUDYproduction since 2026-03

org

ai.ventures

governed_agents

20+

products

30+ AI sites

key_deployment

law.ai

"We run 20+ autonomous agents across our portfolio — law.ai, biography.ai, corporate.ai, and dozens more. Before Vienna OS, an agent deployed a breaking schema migration to production at 3 AM with zero approval. That can't happen anymore. Every prod write requires a T2 warrant with human sign-off."

Whit Anderson

CEO, ai.ventures

DEVOPS_LEAD

role: infrastructure automation

challenge: agents deploy prod w/o oversight

solution: T2 gate on prod writes

result: 0 unauthorized deployments

law.ai — legal research agents, doc analysis

COMPLIANCE_OFFICER

role: regulatory audit

challenge: no audit trail for AI decisions

solution: SHA-256 signed warrants

result: audit-ready in weeks, not months

biography.ai — content gen, media processing

CTO

role: technical strategy

challenge: scale agents w/o losing control

solution: policy-based auto-approval

result: govern at scale, not at the expense of speed

corporate.ai — vendor scoring, marketplace ops

SDK_INSTALLATION

npm | pip | github-actions | terraform

INSTALLnpm | pip

$ npm install @vienna-os/sdk

$ pip install vienna-os

USAGE_EXAMPLEnode.js

import { ViennaClient } from '@vienna-os/sdk';

const vienna = new ViennaClient({
  apiKey: process.env.VIENNA_API_KEY
});

// Submit intent — Vienna evaluates policy,
// routes by risk tier, gates if needed
const result = await vienna.intent.submit({
  action: 'deploy_production',
  agent:  'deploy-bot-v3',
  payload: { service: 'api-gateway' }
});

if (result.warrant) {
  // Warrant issued — execute with authority
  await deployService(result.warrant.id);
  await vienna.execution.complete(
    result.warrant.id,
    { status: 'success' }
  );
}

full integration guide →

FRAMEWORK_SUPPORT

GitHub Actions

Terraform

LangChain

CrewAI

PYTHON3 lines to govern

from vienna_os import ViennaClient

vienna = ViennaClient(api_key=os.environ["VIENNA_API_KEY"])

result = vienna.intent.submit(
    action="db_migration",
    agent="migration-bot",
    payload={"target": "production"}
)

BEFORE_AFTER

real incident at ai.ventures — before and after Vienna OS deployment

BEFORE_VIENNA_OSai.ventures — pre-March 2026

incident:

03:14 - agent deploys schema migration to prod

03:15 - site goes down — breaking change

03:47 - team paged, investigation begins

04:23 - manual rollback initiated

04:58 - service restored

downtime: 104 minutes

approval: none — agent acted autonomously

audit_trail: no record of who authorized

WITH_VIENNA_OSai.ventures — since March 2026

same scenario, governed:

10:22 - agent requests prod migration

10:22 - Vienna policy eval → T2 HUMAN_GATE

10:26 - engineer reviews + approves warrant

10:27 - migration executes with warrant authority

10:29 - success, SHA-256 audit record written

downtime: 0 — human reviewed first

approval: warrant-signed, time-bounded

audit_trail: cryptographic, immutable

100%

unauthorized deploys blocked

4min

avg_approval_time

incident_cost (governed)

PROTOCOL_SPEC

open_warrant_standard v1.0

<50ms

target_p99_latency

sub-second policy eval

no governance bottleneck

view benchmarks →

SHA-256

audit_hash

cryptographic signatures

tamper-evident trail

hash-chain integrity

0-Trust

arch_model

explicit authorization

no implicit grants

no ambient authority

POLICY_SIMULATOR

try it yourself — submit an intent, watch the governance pipeline evaluate in real time

POLICY_SIMULATOR

interactive demo

ACTION_TYPE

TARGET_ENV

AGENT_IDENTITY

PREDICTED_RISK_TIER

T2HUMAN_GATE

EVAL_OUTPUT○ READY

INTENT

POLICY

RISK

ROUTE

// select parameters and click SUBMIT_INTENT to begin simulation

DEPLOY_GOVERNANCE

$ vienna-os init --tier production

integrate warrant protocol into agentic infrastructure (python | node | rust)

GENERATE_WARRANT →QUICKSTART_GUIDE

community_tier: 5 agents, full pipelinesetup_time: <5min

/blog /compare /about /enterprise /github

LATEST_DISPATCHES

governance insights + engineering deep-dives

VIEW_ALL →

VIEW_ALL_DISPATCHES →

DISPATCH_SUBSCRIBE

AI governance updates, release notes, and compliance insights. No spam.

Vienna OS — Governance Kernel for Autonomous AI Operations with Signed Warrants

EXECUTION_PIPELINE

SYSTEM_ARCHITECTURE

RISK_TIER_MATRIX

DEPLOYMENTS + USE_CASES

SDK_INSTALLATION

BEFORE_AFTER

PROTOCOL_SPEC

POLICY_SIMULATOR

$ vienna-os init --tier production

LATEST_DISPATCHES