Your agents, configured once. Working on schedule. Under control over every action.

Zendeploy turns autonomous agents into a workforce you can see and govern. Each agent you configure shows up as an avatar — with its own schedule, a running agenda of what it has done, and live ways to step in: chat with it, or open its desktop, its app, or its IDE. Work reaches your agents three ways — on demand from the console, from your communication channels, or on a schedule — and every action travels one governed path: authorized, routed, recorded, auditable, under your tenant's access policy. This page is where the platform is and where it is going; what is built, what is in build, and what is on the roadmap are marked honestly throughout.

Stage · Platform roadmap Date · 2026-06-26
zendeploy
Agent operations platform
Section 01 · The fleet

Your agents, as a workforce you can see

Open the console and you see your agents the way you'd see a team — each one an avatar with a name, the department and role you gave it, its schedule, and a short agenda of its latest events. Nothing is hidden behind a queue you can't read. When you want to step in, you step in.

your fleet · 4 agents RS research-scout research · analyst daily 08:00 · last: 3 leads filed chat · open env · IDE CB coder-bot engineering · coder on demand · last: PR opened chat · VNC · IDE IN inbox-handler service · support on message · last: 2 replies chat · app RP report-runner finance · analyst weekly Mon 06:00 · idle chat · open env
the fleet · one avatar per agent, with schedule + latest events
01The fleet view

Every agent is an avatar with a schedule and an agenda

Each configured agent renders as an avatar carrying its name, department and role, its schedule, a status, and a short agenda of its latest events — what it did, when, and whether anything needs you. No polling, no opaque queue.

  • Schedule on the face of it — daily, weekly, on demand, or on message.
  • Latest-events agenda — a few lines of what just happened and what's next.
  • Status at a glance — running, idle, or wants attention.
02Step in anytime

Chat, or open the agent's actual workplace

From any avatar you can talk to the agent directly, or open its environment when that environment supports a visitable workplace — a VNC view of its desktop, the web app it runs in, or its IDE. You are never locked out of what your agent is doing.

  • Chat — ask, redirect, or approve, in plain language.
  • Open environment — VNC to the agent's desktop workplace, an in-environment app URL, or an in-environment IDE.
  • Drill in from overwatch — jump from a status tile straight into the workspace.
Why it matters. Autonomy you can't inspect is a liability. Every agent's workplace is one click away, so trust is earned by looking, not assumed.
CB coder-bot · actions Chat VNC desktop In-env app In-env IDE opens same-origin · access scoped to your role
act on an agent · chat · VNC · app · IDE
Section 02 · Configure an agent

Configure an agent the way you'd onboard a teammate

An agent is configured in a simple interface — you place it in your organization, choose the runtime that powers it, connect the channels it works through, and set when it runs. The choices you make here become the agent's authority: it acts only as the department and role you assigned, never more.

configure agent DEPARTMENT Engineering ROLE coder RUNTIME Claude Codex SCHEDULE weekly · Mon 06:00 CHANNELS Gmail LinkedIn WhatsApp Telegram authority = department + role · bound at save, not asserted at run
configure · department · role · runtime · schedule · channels
01Place · connect · schedule

Department, role, channels, schedule — one interface

Configuration is a form, not a config file. The department and role you choose decide what the agent is allowed to do and which environment it runs in. The runtime decides which model powers it. The channels decide where its work comes from and goes. The schedule decides when.

  • Org placement — a department and a role within it; that pairing is the agent's authority.
  • Runtime — your choice of agent model (e.g. Claude or Codex).
  • Channel connections — Gmail, LinkedIn, WhatsApp, Telegram, and more, per agent.
  • Schedule — recurring or a one-time run; or on demand; or on an incoming message.
Authority is bound, not asserted. An agent's department, role, and runtime are fixed when you save the configuration — never chosen at the moment of a call. A misconfigured or runaway process can't grant itself more than you gave it.
Section 03 · The control plane

Enterprise control and audit over every action

Behind the fleet is a control plane built for an organization, not a hobby project. It is a set of modules — each an enterprise control surface scoped to your tenant's access policy (RBAC). Who can see a module, run an agent, open an environment, or read an audit trail is your decision, enforced by default-deny: if a rule doesn't allow it, it doesn't happen.

Visibility
Operations dashboard
Your whole fleet at a glance — spawn, conduct, and watch agent work; drill into any environment.
Orchestration
Scheduler & router
Turns due work into a running agent, picks the environment by department, role, and live capacity, and records the decision. Nothing runs without one.
Durability
Session lifecycle
Every run is a durable, authorized, recorded session with a stable id and one trace from start to finish.
Monitoring
Overwatch
Live status across the fleet and after-the-fact review — with drill-in to the workspace, the transcript, or the desktop.
Release
Deploy control
Deployments pass a gate that confirms the run was authorized; default-deny, tamper-evident.
Safety
Action governance
Every action an agent proposes is screened, judged against policy, and recorded before it runs; risky actions are held, not executed.
Guardrails
Capability gates
A write enable / kill-switch and a live capacity source. Absent either, the platform denies by default rather than guessing.
Audit
Event & inference record
Who was authorized, with what verdict and route — and what the agent actually reasoned, called, and produced. Redacted, kept for later review.
Knowledge
Knowledge framework
Your agents load a confidential, RBAC-screened knowledge framework over API and CLI; what each agent sees is scoped to its role.

Tenant RBAC, end to end

  • Every module above is scoped to your tenant's access policy. People see and run only what their role permits.
  • Default-deny — the absence of a rule is a denial, never an accident that lets something through.
  • Least privilege per agent — an agent may invoke only the actions its role allows; the rest is refused with a named reason.

The knowledge framework

The intelligence behind each agent is a knowledge framework loaded into its working context — a hypertext of your operating knowledge drawn from documents, structured stores, and graphs. Agents reach it over a confidential, RBAC-screened connection, through both an API and a command-line channel, and only ever see the slice their role is cleared for. A human-browsable view of the same knowledge base is on the roadmap.

Section 04 · How work flows

Three ways work starts. One governed path.

Work reaches your agents through three entry points — and whichever one fires, the same governed path runs underneath. Read the chart left to right: any trigger is authorized, routed, run, recorded, and surfaced for overwatch and audit. The legend names what each step does. 

  THREE WAYS WORK STARTS                                ONE GOVERNED PATH FOR ALL THREE

     WebUI  -  on demand               \
     channels  -  incoming / outgoing   )---->  authorize  ---->  route  ---->  agent environment  ---->  durable record  ---->  overwatch + audit
     schedule  -  recurring / one-time  /

  authorize ........... per-tenant RBAC, default-deny - who may run this action, and on whose behalf
  route ............... department + role decide the environment; capacity is checked before anything runs
  agent environment ... the agent loads your confidential, RBAC-screened knowledge framework, then works;
                        you can chat with it, open a VNC desktop, an in-environment app, or an IDE
  durable record ...... event log (who was authorized, with what verdict and route) + inference log
                        (what the agent reasoned, called, and produced) - redacted, kept for later
  overwatch + audit ... live fleet status and after-the-fact, per-tenant audit of every action

The three entry points

  • On demand, from the console — you launch an agent action yourself, subject to the same access policy as anything else.
  • From communication channels — an incoming message (or an outgoing one your agent sends) drives work, on the channels you connected.
  • On a schedule — a recurring cadence or a single future run; the trigger carries the agent's bound authority, never a self-asserted one.

What stays true on every path

  • Authorized first — nothing runs without a recorded, default-deny decision.
  • Recorded always — who was authorized and what the agent did are both kept, redacted, for later.
  • Yours to watch — live status and a per-tenant audit trail, with drill-in to the work itself.
Honest disclosure · what's built, what's coming

Where the platform is today — and what we don't claim yet

  • This is a roadmap. The control plane — authorize, route, record, audit, one trace per action — is specified and under active build. It is not a finished, certified product today.
  • Communication-channel triggers (Gmail, LinkedIn, WhatsApp, Telegram — incoming and outgoing) are on the roadmap, not yet available.
  • The point-and-click agent-configuration interface (department, role, channels) is on the roadmap; configuration today is more hands-on.
  • The human-browsable knowledge base and the long-retention, queryable record store for after-the-fact review are on the roadmap.
  • No multi-tenant-at-scale guarantee and no security certifications are claimed at this stage.
  • Agents do not act unsupervised — every action passes governance, and the human gates remain yours. Your data, brand, and IP stay yours; legal terms are agreed in writing before anything crosses.