Introduction
RenLayer is the control plane for AI agent governance. A real-time governance layer that sits between your AI agents and your infrastructure.
Unlike observability dashboards that show you what happened after the fact, RenLayer enforces rules before impact. Policies evaluate inline during agent execution with sub-millisecond overhead, blocking forbidden actions before they reach your systems.
RenLayer is designed for enterprise teams that run AI agents in production and need to answer three questions at all times:
- Who is this agent? Unique identity, scoped credentials, role-based access controls
- What is it allowed to do? Policy-as-code with pre-execution enforcement points
- What did it actually do? Complete reasoning traces mapped to compliance frameworks
Built in Europe and fully compliant with GDPR and the EU AI Act, RenLayer integrates with any agent framework in three lines of code.
Quickstart
SDK installation, agent setup, and configuration reference. Available after requesting a demo.
Integrations
Code examples for LangChain, CrewAI, AutoGen, and custom framework integrations. Available after requesting a demo.
Features
RenLayer provides eight core capabilities for governing AI agents at scale.
Agent Identity & Access Management
Every AI agent in your fleet gets a unique identity with scoped credentials. RenLayer replaces shared API keys with individual agent identities, providing role-based access controls (RBAC) and full lifecycle management.
- Unique identity per agent with cryptographic credentials
- Role-based access controls scoped to data, APIs, and infrastructure
- Lifecycle management: provisioning, rotation, and revocation
- Eliminates the security risk of shared API keys across agent fleets
Cost Governance
Track and enforce spending across your entire AI agent fleet in real time. Budget caps prevent runaway costs with automatic circuit breakers that pause agents approaching their limits.
- Real-time spend tracking per agent, per team, and per project
- Budget caps with hard enforcement that cannot be overridden by agents
- Circuit breakers that automatically pause agents at configurable thresholds
- Spend analytics and forecasting across the fleet
Audit Trails
Every agent action is recorded with complete reasoning traces. Audit logs are pre-mapped to major compliance frameworks, enabling forensic investigation and regulatory reporting.
- Full reasoning traces for every agent decision and action
- Pre-mapped to GDPR, EU AI Act, SOC 2, and ISO 42001
- Forensic capabilities for incident investigation
- Exportable reports for regulatory audits
Live Kill Switch
Maintain emergency response capability over your agent fleet. Pause, terminate, or rollback any agent in real time with automatic circuit breakers based on cost, latency, or error thresholds.
- Pause, terminate, or rollback any agent instantly
- Automatic circuit breakers triggered by cost, latency, or errors
- Fleet-wide emergency stop for critical incidents
- Rollback to known-good checkpoints
Human-in-the-Loop Orchestration
Route high-risk decisions to human reviewers automatically. Configure escalation thresholds by action type, data sensitivity, financial value, and confidence score.
- Automatic escalation for financial transactions above configurable limits
- Production infrastructure actions require human approval
- Low-confidence decisions are routed for review
- Configurable escalation rules per policy
Policy-as-Code
Define governance rules as version-controlled code. Policies evaluate inline during agent execution at pre-execution enforcement points, blocking forbidden actions before they happen.
- Governance rules defined as YAML or code, stored alongside your agents
- Pre-execution enforcement: policies block actions before they reach systems
- Sub-millisecond evaluation overhead
- Version-controlled and testable like application code
- Deny-by-default security model
RenShield Security Scanner
Scan agent code repositories for AI-specific vulnerabilities before deployment. RenShield integrates into your CI/CD pipeline and blocks deployments that fail security thresholds.
- Detects prompt injection, data exfiltration, and privilege escalation risks
- Identifies unvalidated tool calls and insecure memory handling
- CI/CD gate integration: blocks insecure deployments automatically
- Risk scoring with severity ratings and remediation suggestions
- Connects to GitHub, GitLab, and Bitbucket repositories
Deployment Options
Deploy RenLayer wherever your compliance requirements demand. Choose between managed SaaS, bring-your-own-cloud (BYOC), or fully on-premise installations with the same feature set across all modes.
- SaaS: Managed by RenLayer, EU-hosted, zero infrastructure overhead
- BYOC: Runs in your cloud account (AWS, GCP, Azure) with your security controls
- On-premise: Full air-gapped deployment for maximum data sovereignty
Panel Configuration
Dashboard overview, policy setup, and alert configuration details. Available after requesting a demo.
Security & Privacy
RenLayer is built with a zero-trust security model and designed for regulated industries. Data treatment follows the strictest European standards.
GDPR Compliance
RenLayer is fully compliant with the General Data Protection Regulation (GDPR). Data processing is governed by clear lawful bases, and all personal data handling follows the principles of data minimization and purpose limitation.
- Data minimization: Only governance metadata is collected. Agent payloads are never stored unless explicitly configured.
- Lawful basis: Processing based on legitimate interest (governance) or contractual necessity
- Data subject rights: Full support for access, rectification, erasure, and portability requests
- Cross-border transfers: Data stays within your configured region. No transatlantic transfers unless explicitly allowed.
- Data Processing Agreement (DPA): Standard contractual clauses available for all customers
EU AI Act
RenLayer addresses the key requirements of the EU AI Act for high-risk AI systems.
- Risk management: Pre-deployment assessment via RenShield, continuous monitoring via audit trails, incident response via kill switch
- Transparency: Complete technical documentation, decision logging for every action, and user notification capabilities
- Human oversight: HITL workflows ensure humans remain in control, with override capability and real-time dashboards
- Accuracy & robustness: Prompt injection protection, robustness testing via RenShield, vulnerability management
- Data governance: Compliant data handling with geographic restrictions, PII detection, and automatic redaction
SOC 2 & ISO 42001
Audit trails are pre-mapped to SOC 2 and ISO 42001 controls, reducing the effort required for certification audits.
- SOC 2: Automated evidence collection for Trust Services Criteria (security, availability, processing integrity, confidentiality, privacy)
- ISO 42001: AI management system controls mapped to RenLayer governance features, including risk assessment, performance evaluation, and continuous improvement
- Audit exports: Generate compliance reports in standard formats for auditors
Data Residency
You control where your data lives. RenLayer supports multiple deployment modes to meet your data sovereignty requirements.
- EU-hosted SaaS: Data processed and stored exclusively in EU data centers
- BYOC (Bring Your Own Cloud): RenLayer runs in your AWS, GCP, or Azure account under your security controls
- On-premise: Air-gapped deployment with no external data transmission
- Region pinning: Configure specific regions per policy to enforce geographic data restrictions at the agent level
API Reference
Full SDK method reference, code examples, and return types. Available after requesting a demo.
Frequently Asked Questions
What languages does the RenLayer SDK support?
The RenLayer SDK is available for Python, C, and C++. Python is the recommended choice for most AI agent frameworks like LangChain, CrewAI, and AutoGen. C and C++ SDKs are available for performance-critical or embedded agent systems.
Can I self-host RenLayer?
Yes. RenLayer supports three deployment modes: SaaS (managed by RenLayer), BYOC (Bring Your Own Cloud), and fully on-premise installations. All modes provide the same feature set. On-premise deployments support air-gapped environments with no external data transmission.
How long does integration take?
Most teams integrate the RenLayer SDK in under a day. The basic setup requires only three lines of code and works with your existing agent framework without refactoring. Full deployment with compliance policies and team onboarding typically takes under two weeks.
Is RenLayer compliant with GDPR and the EU AI Act?
Yes. RenLayer is built in Europe and is fully compliant with GDPR and the EU AI Act. Audit trails are pre-mapped to GDPR, EU AI Act, SOC 2, and ISO 42001 requirements. Data processing follows data minimization principles and stays within your configured region.
Does RenLayer add latency to my agents?
Policy evaluation adds sub-millisecond overhead. RenLayer is designed for inline enforcement during agent execution. The governance layer runs alongside your agents with negligible performance impact on end-to-end execution time.
What happens when an agent exceeds its budget?
Circuit breakers automatically pause agents approaching their budget limit. You can configure budget caps per agent, per team, or per project with hard enforcement that cannot be overridden by the agent. Paused agents can be resumed manually after budget review.
How does the kill switch work?
The kill switch allows you to pause, terminate, or rollback any agent in real time from the dashboard or via API. Automatic circuit breakers can be configured to trigger based on cost thresholds, latency spikes, or error rates. Fleet-wide emergency stop is available for critical incidents.
Can I use RenLayer with a custom agent framework?
Yes. RenLayer wraps any callable agent regardless of the framework. If your agent exposes a run method or is callable, the SDK can govern it. No framework-specific adapters are required.
Ready to govern your AI agents?
Deploy RenLayer in under two weeks with full GDPR and EU AI Act compliance.