Connect your traffic in minutes.
Point your existing calls at Kolm with scoped keys, service accounts, webhooks, limits, quotas, provider allowlists, environments, and clean export paths. No SDK rewrite to get here.
ENTERPRISE · DROP-IN, NO SDK REWRITE
Own the AI you're renting.
Point your existing OpenAI and Anthropic traffic at Kolm - no SDK rewrite. It captures the behavior your teams already use, compiles it into a signed model in one portable file, and runs it on your own hardware. Stop paying frontier prices forever to re-run behavior you've already established, and hand procurement proof anyone can verify.
Capture from 17 source families
12 ways to connect
10 ways to export proof
Every artifact signed
- SCOPE
- live source
- ARTIFACT
- signed · receipts
- EXPORT
- GRC · SIEM · warehouse
- RUNS ON
- your hardware
CAPTURE IN, OWNED MODEL OUT
17source families to capture from
12ways to connect your traffic
10ways to export verifiable proof
0provider lock-in
01 · WHO IT'S FOR
One workflow, an answer for every team in the room.
Platform, AI, security, and compliance all ask the same five questions: what went in, what changed, what came out, who approved it, and what proof can leave the room. Kolm answers all five from one place - and the answer is a signed model you own.
Compile the behavior you already use.
Import traces, build evals, compare versions, catch drift, and track prompt, tool, and schema lineage - then compile it all into a model you run yourself instead of renting per call.
Keep your data on your terms.
Set retention, redaction, unknown-schema handling, vault policy, and least-privilege connectors. The model runs on hardware you control, with an immutable audit trail you can export.
Hand over proof anyone can check.
Export signed receipts, control mappings, exception records, audit trail, data lineage, and change history - proof your reviewers verify themselves, no trust required.
Ship from capture to artifact fast.
Quickstart, OpenAPI, examples, a local test path, clear error objects, sample artifacts, verifier output, and CI gates. From live calls to a signed model without leaving your stack.
02 · WHAT IT COVERS
Capture from the tools you already use. Run on the hardware you already have.
Kolm meets your AI behavior wherever it already flows - in through the channels you run today, out as a signed model and the proof to back it. Real limits, no logo padding.
INTERCEPT SDK unchanged, captured off the wire no rewrite
17 source families
Provider logs, app events, agent traces, observability spans, eval data, human labels, product analytics, warehouses, CI/CD, repositories, support tools, GRC, files, runtime telemetry, cost events, and customer-system actions.
12 ways to connect
REST, GraphQL, gRPC, webhooks, streaming, batch files, object storage, warehouse queries, queues, browser events, local CLI, and custom adapter manifests.
10 ways to export proof
Signed artifact, verifier receipt, eval report, evidence bundle, JSON API, warehouse export, webhook, CI status, SIEM/GRC event, and admin analytics.
8 steps to an owned model
Register a source, capture an event, classify the schema, apply redaction, build an eval, lock the regression set, compile the artifact, and export the proof.
Your boundaries, enforced
Tenant isolation, environment separation, scoped keys, connector allowlists, retention windows, purge workflows, redaction, budgets, and an audit trail - set once, applied every run.
Export it and walk
Your model is one portable file - model, recipe, evals, and receipt. Move it to another runtime, another cloud, or off Kolm entirely. It's yours to keep.
03 · WHAT YOU GET
Every claim backed by something you can inspect.
Nothing here is a black box. Capture, eval, artifact, receipt, runtime target, export, and audit state are real records you can open, hash, and verify - so your reviewers never take a number on faith.
FOUR LAYERS model, recipe, evals, receipt Ed25519 signed
- Organization, workspace, project, environment
- API key, service account, connector
- Role, policy
- Source, capture, trace
- Prompt version, tool version, schema version
- Dataset, label set, eval, failure, regression set
- Compile run, artifact, manifest
- Runtime target, target recipe
- Verification receipt, release gate
- Export, evidence bundle, audit event
- Exception record, change history
- Source hash, output hash, policy version
03b · SEALED COMPARTMENTS
Your tenant is a sealed compartment. Nothing crosses the wall.
A tenant (one isolated customer space)A tenant is one isolated customer workspace. Every artifact, key, and log lives inside it; another tenant cannot read in or write out. is the boundary that keeps one customer's data, keys, and telemetry from ever touching another's. Each captured artifact, each signing key, and each audit event is scoped to a single compartment. There is no shared store a neighbor can read, and no cross-tenant query path. The diagram below traces what stays inside and what is blocked at the wall.
- 01Artifacts compiled in tenant A never appear in tenant B's index. Each lit sheet is scoped to one compartment.
- 02Signing keys are per-tenant. A's key cannot sign or verify against B's data, so a leaked key cannot reach across the wall.
- 03Telemetry and audit logs are isolated and append-only. There is no shared table, and the cross-tenant read path returns nothing.
BOUNDARY nothing crosses the wall cross-tenant read blocked
04 · PASS PROCUREMENT
Give your buyers proof, not promises.
Every model you compile ships with a signed packet your reviewers can verify themselves: source hashes, policy versions, eval results, artifact checksums, runtime targets, and receipt IDs. The seal uses Ed25519 (a public-key signature)Ed25519 is a public-key signature scheme. We sign the file with a private key; anyone with the matching public key can confirm the bytes were not changed, without contacting us., so a buyer with the public key can confirm the bytes were not altered. Every claim on this page ships with proof you can check.
VERDICT one changed byte flips it valid
evidence packetcapture to proof
what's proven todayRoute, schema, test, static asset, API payload, screenshot, generated JSON, or verifier output - proof a feature exists in the product you can buy right now.inspectable
proof-gated claimsPublic benchmarks, certifications, package releases, and runtime adoption appear here only once the verifiable proof exists - so what you read is what you can confirm, and what you confirm is what your buyers inherit.what we prove
your export packetHand procurement source hashes, policy versions, eval results, artifact checksums, runtime targets, and receipt IDs - verifiable end to end, no trust in us required.evidence
05 · RUNS ON YOUR HARDWARE
One model, ranked across every runtime you own.
The signed model is one portable file. Kolm runs it on the smallest runtime that meets your latency and cost target - phone, laptop, edge, or your own servers. Same artifact, your hardware, no per-call rent.
SELECTED phone, 142 MB, $0.00, 96 ms in spec
06 · FIRST FOUR DAYS
One model owned in four days. Then scale it.
Prove the whole path on one source before you roll it out - capture, compile, sign, export. Expansion follows what works.
Day 0 · source
Point one source at Kolm.
Register a project, create scoped credentials, attach one namespace, set retention, and confirm the source is live. No rewrite.
Day 1 · capture
Capture the behavior you use.
Import traces, classify failures, add human review where it matters, and lock your first regression set.
Day 2 · compile
Compile a signed model.
Run your evals, block regressions, compile the artifact, and get a verifier receipt - a model you now own and run yourself.
Day 3 · export
Hand over the proof.
Push the evidence packet to GRC, SIEM, warehouse, webhook, ticket, or CI status - receipts your buyers verify on their own.
CTA · START WITH ONE
Ready to own what you're renting?
Pick one production workflow, point it at Kolm, and own the signed model it makes - running on your hardware, cheaper than the bill you pay now. Talk to an engineer to scope your first source.