Inspiration

AI agents are becoming autonomous employees. They send emails, access databases, make purchasing decisions, and interact with customers.

But when an AI agent leaks customer data, violates a compliance policy, or performs an unauthorized action, the organization, not the model provider, is legally responsible.

We built AgentWitness because enterprises are deploying AI agents faster than they can govern them. Existing observability tools track latency and token usage. They do not explain intent, enforce policy, or generate compliance evidence. AgentWitness closes that gap.

What it does

AgentWitness is a real-time governance platform for AI agents.

It continuously monitors agent actions, evaluates them against security and compliance policies, blocks risky behavior before it reaches external systems, and generates audit-ready compliance evidence automatically.

The platform is designed for:
- CISOs
- Compliance teams
- Security operations teams
- Engineering leaders deploying AI agents

Key capabilities include:
- Real-time AI agent monitoring
- Policy enforcement and violation blocking
- Semantic anomaly detection
- AI incident replay and forensic analysis
- Compliance evidence generation
- Executive governance reporting
- Emergency kill switch controls


Why - H0 Track 2

1. Billion-dollar emerging category with no clear incumbent. Datadog, LangSmith, and OpenTelemetry were designed before autonomous AI agents existed. The first purpose-built AI governance platform that can land a Fortune 500 compliance contract owns this category. The EU AI Act enforcement date creates a hard external forcing function for enterprise adoption in 2026.

2. Immediate, demonstrable enterprise demand. Every company running LangChain, AutoGen, or CrewAI in production with access to customer data, financial systems, or regulated information needs this product today. The demo shows a live working system — not a prototype — with real Aurora data, real policy enforcement, and a real PDF download.

3. Production-grade technical architecture. Aurora Multi-AZ, HNSW vector index, Row Level Security, SCRAM-SHA-256 auth, TLS 1.3, write-once audit records, incremental polling, and a deterministic policy engine with zero LLM dependencies in the critical path. This is not a demo scaffold — it is a system designed to handle a $10M ARR customer base.

4. Technically difficult to replicate. The combination of pgvector HNSW semantic search co-located with an ACID audit trail under RLS tenant isolation, backed by a real-time governance score computed from percentage-based violation rates, and wired to a sub-3-second compliance PDF generator is a non-trivial engineering investment. The moat is the data: once an organization's audit history is in Aurora, it becomes the system of record.

5. Clear, proven monetization path. Compliance tooling is a cost center that converts to a budget line item the moment a regulator asks a question. The pricing is defensible, the retention is structurally high, and the land-and-expand motion from Growth to Enterprise is driven by the compliance team, not the engineering team.


How we built it

AWS Databases Used

Aurora PostgreSQL serves as the system of record.

We use it to:
- Store immutable audit trails
- Enforce Row Level Security (RLS) for tenant isolation
- Run pgvector semantic search
- Generate compliance reports
- Compute governance and trust scores

The pgvector extension enables semantic similarity search using HNSW indexing, allowing investigators to search incidents by intent rather than exact keywords.
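
The search described above, combined with the tenant filter, as an added example (not AgentWitness's own schema or queries). The table name, 1536 dimensions and vector_cosine_ops come from the page; the columns, policy and index names, the prepared statement, the UUID and the action id are assumptions, and the query looks up neighbours of an already stored action rather than a free-text query.

```sql
CREATE EXTENSION IF NOT EXISTS vector;

-- Assumed columns; only the table name and created_at appear on the page.
CREATE TABLE agent_actions (
    id            bigserial    PRIMARY KEY,
    tenant_id     uuid         NOT NULL,
    input_summary text         NOT NULL,
    embedding     vector(1536),
    created_at    timestamptz  NOT NULL DEFAULT now()
);
ALTER TABLE agent_actions ENABLE ROW LEVEL SECURITY;
ALTER TABLE agent_actions FORCE ROW LEVEL SECURITY;
CREATE POLICY tenant_isolation ON agent_actions
    USING (tenant_id = NULLIF(current_setting('app.current_tenant', true), '')::uuid);

-- HNSW index with the cosine operator class named on the page.
CREATE INDEX agent_actions_embedding_hnsw
    ON agent_actions USING hnsw (embedding vector_cosine_ops);

-- Nearest neighbours of a stored action: $1 = action id, $2 = result count.
-- <=> is pgvector's cosine-distance operator, matching vector_cosine_ops.
PREPARE similar_actions(bigint, int) AS
SELECT a.id, a.input_summary, a.created_at,
       a.embedding <=> (SELECT embedding FROM agent_actions WHERE id = $1) AS distance
FROM agent_actions AS a
WHERE a.id <> $1
ORDER BY a.embedding <=> (SELECT embedding FROM agent_actions WHERE id = $1)
LIMIT $2;

-- Run as the application role (not a superuser, which skips RLS).
BEGIN;
SELECT set_config('app.current_tenant', '11111111-1111-1111-1111-111111111111', true);
-- The tenant filter is applied after the HNSW scan has chosen its candidates,
-- so in a table shared by many tenants a plain scan can return fewer than $2
-- rows. Iterative scans (pgvector 0.8.0 and later) keep scanning until the
-- LIMIT is met or hnsw.max_scan_tuples is reached.
SET LOCAL hnsw.iterative_scan = strict_order;
EXECUTE similar_actions(42, 10);   -- 42 is a constructed action id
COMMIT;
```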

Amazon DynamoDB

DynamoDB powers the real-time event stream. Every AI action is written to DynamoDB through a low-latency ingestion path, enabling:

- Live monitoring dashboards
- Instant event visibility
- High-throughput event ingestion
- Automatic TTL-based cleanup

This separation gives us enterprise-scale architecture:
- Aurora = compliance + analytics
- DynamoDB = real-time operations


Enterprise Features

| Feature | Implementation |
| --- | --- |
| Multi-tenant isolation | Row Level Security on agent_actions, agents, policies — database-layer enforcement, not application-layer |
| Tenant context | SET LOCAL app.current_tenant = '<uuid>' per request via setTenantContext() — bypasses are structurally impossible |
| Authentication | SCRAM-SHA-256 (eliminates MD5 downgrade attacks), TLS 1.3 in transit, Aurora CA bundle pinned at connection pool |
| Vector search | pgvector 0.8.1 HNSW index (vector_cosine_ops) — 1536-dimension, sub-millisecond ANN search |
| Audit trail | Write-once agent_actions records with input summary, output summary, policy verdict, cost, and embedding |
| Compliance | 10-page PDF covering SOC 2 Type II, EU AI Act 2024/1689, ISO 27001:2022 — generated from live data |
| Live monitoring | Aurora incremental polling (WHERE created_at > :since) — no WebSockets, no DynamoDB dependency for display |
| Kill switch | Tenant-wide execution pause with actor attribution, mandatory reason, and immutable audit record |
| Health endpoint | GET /api/health verifies Aurora, pgvector extension, RLS policy count, and row count |
| Governance score | Live 0–100 score computed per request from percentage-based violation rates — no cached stale values |
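
The database-layer controls from the feature list above (forced RLS, a transaction-scoped tenant setting, insert-only audit rows), as an added example that is not AgentWitness's own schema. The column names, the app_rw role, the policy name and the UUIDs are assumptions; only the agent_actions table and the app.current_tenant setting come from the page.

```sql
-- Assumed columns; the page names only the table and the setting.
CREATE TABLE agent_actions (
    id             bigserial   PRIMARY KEY,
    tenant_id      uuid        NOT NULL,
    input_summary  text        NOT NULL,
    output_summary text        NOT NULL,
    policy_verdict text        NOT NULL,
    created_at     timestamptz NOT NULL DEFAULT now()
);

-- FORCE applies the policy to the table owner as well. Superusers and roles
-- with BYPASSRLS still skip RLS, so the application must not connect as one.
ALTER TABLE agent_actions ENABLE ROW LEVEL SECURITY;
ALTER TABLE agent_actions FORCE ROW LEVEL SECURITY;

-- An unset or empty setting becomes NULL, which matches no row (fail closed).
CREATE POLICY tenant_isolation ON agent_actions
    USING      (tenant_id = NULLIF(current_setting('app.current_tenant', true), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.current_tenant', true), '')::uuid);

-- Write-once for the application role: SELECT and INSERT, no UPDATE or DELETE.
CREATE ROLE app_rw NOLOGIN;   -- hypothetical application role
GRANT SELECT, INSERT ON agent_actions TO app_rw;
GRANT USAGE ON SEQUENCE agent_actions_id_seq TO app_rw;

-- Request for tenant A (constructed UUIDs). set_config(..., true) is the
-- bind-parameter form of SET LOCAL: the value is cleared at COMMIT/ROLLBACK,
-- so a pooled connection cannot carry the tenant into the next request.
BEGIN;
SET LOCAL ROLE app_rw;
SELECT set_config('app.current_tenant', '11111111-1111-1111-1111-111111111111', true);
INSERT INTO agent_actions (tenant_id, input_summary, output_summary, policy_verdict)
VALUES ('11111111-1111-1111-1111-111111111111', 'send email', 'not sent', 'deny');
COMMIT;

-- Request for tenant B: USING hides tenant A's row from the SELECT, and
-- WITH CHECK rejects the INSERT that names tenant A.
BEGIN;
SET LOCAL ROLE app_rw;
SELECT set_config('app.current_tenant', '22222222-2222-2222-2222-222222222222', true);
SELECT count(*) FROM agent_actions;
INSERT INTO agent_actions (tenant_id, input_summary, output_summary, policy_verdict)
VALUES ('11111111-1111-1111-1111-111111111111', 'forged', 'forged', 'allow');
ROLLBACK;
```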

Challenges we ran into

The biggest challenge was balancing governance depth with real-time performance. Semantic search requires vector indexing and compliance reporting requires complex aggregation queries. At the same time, security teams expect real-time visibility.

We solved this by separating responsibilities:
- DynamoDB handles live operational traffic
- Aurora PostgreSQL handles audit, search, and compliance

We also implemented Row Level Security at the database layer to guarantee tenant isolation rather than relying on application-level filtering.

Accomplishments that we're proud of

- Built semantic incident search using Aurora PostgreSQL pgvector
- Generated compliance evidence packages in seconds
- Implemented tenant isolation using PostgreSQL RLS
- Created a dual-database architecture using Aurora and DynamoDB
- Delivered executive dashboards, forensic replay, policy enforcement, and compliance automation in a single platform

Most importantly, we built a product that solves a real enterprise problem instead of a demo that only works during judging.

What we learned

We learned that AI governance is fundamentally a database problem. Organizations need immutable records, semantic retrieval, tenant isolation, and real-time visibility.

Aurora PostgreSQL and DynamoDB complement each other extremely well:
- Aurora provides compliance-grade storage and semantic search
- DynamoDB provides operational speed and scale

Together they create the foundation required for enterprise AI governance.

What's next for AgentWitness

Our roadmap includes:
- Enterprise SSO and SCIM
- Slack and Microsoft Teams integrations
- Custom policy builders
- Automated compliance workflows
- Agent SDKs for LangChain, CrewAI, OpenAI Agents, and AutoGen
- Commercial SaaS launch at $299–$999/month

Our vision is simple: Every AI agent should be as auditable, governable, and accountable as a human employee.
