PlantoOS Product

Enterprise OS

A governed runtime for enterprise agent systems — memory, policies, and lineage in one substrate.

Get in TouchWhat is Medhara?

The enterprise governance gap

  • Enterprises deploying agents face immediate governance and compliance risk — there is no standard runtime that enforces boundaries.
  • Agent systems lack auditability — when something goes wrong, reconstructing the decision chain requires manual log correlation.
  • Operational control is fragmented — each team builds their own guardrails, leading to inconsistent policy enforcement across agent fleets.
  • Security boundaries are undefined — agents operate with ambient authority, accessing tools and data without scope checks.

What Enterprise OS provides

Unified runtime for agent orchestration

Enterprise OS provides a unified control plane for managing agent execution across tools and systems.

PlantoOSAgentsfraud-detector
running

Agent Runtime

Run #4,817 · Started 14:32:01 UTC

Latency
287ms
Tokens
1,284
Cost
$0.0038
Steps
6 / 6

Agent Workflow Timeline

Trigger Received0ms
Context Loaded42ms
Policy Evaluated58ms
Tool: query_db124ms
Tool: classify_intent203ms
Response Composed287ms

Step Execution Log

14:32:01.042INFOAgent invoked via webhook trigger /api/v1/agents/fraud-detector
14:32:01.058INFOPolicy stack evaluated — 6 rules passed, 0 denied
14:32:01.124DEBUGTool query_db executed in 66ms — 23 rows returned
14:32:01.203DEBUGTool classify_intent completed — confidence 0.94
14:32:01.245WARNToken budget 82% consumed — switching to compact mode
14:32:01.287INFOResponse generation started — streaming enabled

Tool Invocation History

ToolLatencyTokensStatus
query_db66ms340success
classify_intent79ms128success
fetch_user_profile34ms96success
validate_schema12ms54success

Agent Details

Agentfraud-detector
Versionv2.4.1
Modelgpt-4o-mini
Ownerrisk-team
Regionus-east-1

Permissions

query_db
classify_intent
fetch_user_profile
send_alert

Trace

Trace IDtr-8f2a1b4c-e937-4d0a-b512-c7e9f3a1d604
Span IDsp-0a3c7e91
Parent Run#4,816

Tags

productionhigh-prioritypci-scope

Persistent structured memory

Agents retain typed memory objects with TTL, scope, and provenance metadata.

PlantoOSMemoryExplorer
1,247 objects
Search memory objects by ID, content, or provenance…
Object IDTypeScopeTTLLast UpdatedProvenance
mem-0a7f3cFactGlobal2 min agocrystallization
mem-1b8e4dObservationAgent24h5 min agoruntime-capture
mem-2c9f5eDecisionProject7d12 min agoagent-output
mem-3d0a6fFactTeam1 hr agocrystallization
mem-4e1b7gIntuitionGlobal30d2 hr agodistillation
mem-5f2c8hObservationAgent12h3 hr agoruntime-capture
mem-6g3d9iFactOrg5 hr agomanual-entry
mem-7h4e0jDecisionProject90d8 hr agoagent-output

Memory Metadata

Object IDmem-0a7f3c
TypeFact
ScopeGlobal
TTL
Versionv3
Confidence0.96
CreatedMar 7, 14:30 UTC

Linked Runs

#4,817·fraud-detector
14:32 UTC
#4,812·risk-scorer
14:28 UTC
#4,799·data-enricher
14:15 UTC

Retention Policy

Policyenterprise-standard
RetentionIndefinite
EncryptionAES-256-GCM
AuditEnabled
Auto-ArchiveAfter 90d inactivity

Recent Access

fraud-detector read · 2 min ago
risk-scorer read · 18 min ago
data-enricher write · 1 hr ago

Six-layer policy governance

A six-layer policy stack enforces capability governance at every agent action boundary.

PlantoOSGovernancePolicy Stack
34 rules active

Policy Stack

Evaluation order: top → bottom · Higher layers override lower

Evaluation Order

1
Org Policy
Organization-wide defaults
12 rules
2
Team Policy
risk-engineering
8 rules
3
Project Policy
fraud-detection-v2
5 rules
4
Agent Policy
fraud-detector
3 rules
5
Tool Policy
query_db, classify_intent
4 rules
6
Action Policy
send_alert, block_transaction
2 rules
Evaluation Direction →

Active Rules

Showing all layers
PolicyRuleScopeEffectVersionUpdated
Org Policymax-tokens-per-runAll agentsLimitv3.1
Feb 28
Org Policyrequire-audit-trailAll agentsEnforcev3.1
Feb 28
Team Policypci-data-maskingrisk-engineeringEnforcev2.0
Mar 3
Project Policymax-db-queriesfraud-detection-v2Limit (10)v1.4
Mar 5
Agent Policydeny-external-apifraud-detectorDenyv1.0
Mar 6
Agent Policyallow-internal-toolsfraud-detectorAllowv1.1
Mar 6
Tool Policyquery_db-row-limitquery_dbLimit (100)v2.2
Mar 4
Tool Policyclassify-confidence-minclassify_intentEnforce (>0.8)v1.0
Mar 1
Action Policyalert-requires-approvalsend_alertGatev1.0
Mar 7
Action Policyblock-txn-dual-confirmblock_transactionGatev1.0
Mar 7

Deterministic execution and lineage

Replayable execution with checkpoint-based rollback and a full lineage DAG from trigger to outcome.

PlantoOSLineageRun #4,817
287ms total

Execution Lineage

Run #4,817 · fraud-detector · 8 events

Event Timeline

Trigger14:32:01.000
Webhook /api/v1/agents/fraud-detector
POST · 204 bytes · api-gateway-east
Agent Step14:32:01.042
fraud-detector initialized context
Context: 3 memory objects loaded · Model: gpt-4o-mini
Tool Call14:32:01.124
query_db → transactions_recent
23 rows · 66ms · Token cost: 340
Policy Check14:32:01.130
pci-data-masking evaluated
Rule: mask SSN + card fields · Result: PASS
Tool Call14:32:01.203
classify_intent → fraud_probability
Confidence: 0.94 · Latency: 79ms · Token cost: 128
Policy Check14:32:01.210
classify-confidence-min evaluated
Threshold: >0.8 · Actual: 0.94 · Result: PASS
System Action14:32:01.250
Memory crystallization triggered
New Fact created: mem-0a7f3c · Scope: Global · TTL: ∞
Outcome14:32:01.287
Alert dispatched to risk-ops channel
Severity: HIGH · Transaction ID: txn-9f8e2d · Flagged: true

Selected Event

Tool Call
query_db → transactions_recent
Event IDevt-3c7a1b
Timestamp14:32:01.124
Duration66ms
Token Cost340
Input Size128 bytes
Output Size2.3 KB

Run Metadata

Run ID#4,817
Tracetr-8f2a1b4c
Agentfraud-detector v2.4.1
Triggerwebhook
Duration287ms
Events8
Policies Checked2 PASS, 0 DENY

Data Sources

transactions_recent (DB)
user_profiles (Cache)
fraud_rules (Config)

Policy-bound agents

Capability enforcement ensures autonomous systems operate within explicit boundaries.

Governance Flow

Policy-bound agent execution ensures autonomous systems operate within boundaries.

Policy Layer
Agents
Capability Policies
Approved Tools
Enterprise Systems
Denied — policy block

Autonomous systems require explicit boundaries.

Where it sits in the stack

PlantoOS Architecture

The stack relationship between apps, agents, runtime, and systems.

Applications

Products and workflows

Agents

LLM-powered autonomous units

PlantoOS Runtime

Execution · orchestration · control

Capability Layer

Policy enforcement and tool access

Medhara Core

Memory · governance · lineage

Enterprise + Public Systems

Databases, APIs, infrastructure

A new compute layer for systems operated by agents.

Key workflows

How data flows through the system in typical usage patterns.

Workflow 1

Input

Agent deployment request

Core Process

Enterprise OS provisions governed runtime with policies, memory scope, and lineage capture

Output

Production-ready agent with full audit trail from first action

Workflow 2

Input

Multi-agent workflow

Core Process

Runtime orchestrates agents with capability-bounded communication and shared governed memory

Output

Coordinated execution with cross-agent lineage and policy enforcement

Workflow 3

Input

Compliance audit request

Core Process

Lineage DAG queried, policy versions traced, memory provenance assembled

Output

Audit-ready artifact package in standard compliance formats

Measured outcomes

↓ 40–60%

Prototype to production time

100%

Agent action audit coverage

↓ 30–45%

Governance overhead reduction

Indicative ranges from internal benchmarks and early deployments; results vary by workload, model, and infrastructure.

How it integrates

SDK-first integration — governed from the first line of code.

1

Provision instance

Deploy Enterprise OS on your infrastructure or use managed hosting

2

Define policies

Configure governance rules, memory scopes, and capability boundaries

3

Deploy agents

Connect your agents via SDK — governance and lineage are automatic

example
from medhara import EnterpriseOS

os = EnterpriseOS(instance="your-org.medhara.cloud")

# Deploy a governed agent
agent = os.agents.deploy(
    name="research-analyst",
    policies=["finance-read-only", "pii-restricted"],
    memory_scope="finance-team",
    capabilities=["memory.read", "tool.search"]
)

# Every action is automatically:
# - Policy-checked before execution
# - Lineage-captured with full DAG
# - Memory-scoped to authorized boundaries