GitDB for agentic code, Memory for long-term recall, Vector for full-fidelity search — all three in a single deployment. Run it as a cloud image in your VPC or install on bare metal. SSO, governance, audit trails, and compliance-ready posture included.
Every enterprise deployment ships the full stack. No per-product licensing — your team gets GitDB, Memory, and Vector as a single platform with unified identity, audit, and billing.
Code-native database for AI agents. AST-aware retrieval in single-digit milliseconds, 39 MCP tools, A2A swarm orchestration with per-role persistent memory. Agents ship features in parallel — code never leaves the database.
Long-term memory for AI agents. Lossless recall with auto-embedding — send text, get memories. Combine semantic search, SQL joins, and analytics in a single UQL call. One query replaces three round-trips through your model.
Full-fidelity vector search up to 3072 dimensions. Native on-disk graph that scales without giving up accuracy — 100% recall cosine similarity, not approximate. The same REST shape your team already uses.
Every agent operation flows through the unified platform. Memory provides context, Vector powers search, GitDB handles code — all under one identity, one audit trail, one deployment.
The full-fidelity vector engine, running inside your VPC or on bare metal — every query answered by hardware you control.
A native on-disk graph returns exact results at any scale — no approximate-search trade-offs your data team has to explain away later.
Indexes are walled off at the engine level with enforced quotas — one tenant can never see, or starve, another.
The same API shape your teams already use, now served from inside your own network. Most existing clients migrate with little more than a URL change.
Long-term agent memory deployed in your environment — lossless, audited, and isolated, with nothing summarized away.
Agents store what they see verbatim and recall exactly what matters — every read and write captured in your audit trail.
Semantic search, SQL joins, and analytics resolve in a single query — fewer round-trips, predictable spend, less data crossing your boundary.
Carve memory up by team or use-case; each collection is engine-isolated with its own quotas, so context stays where it belongs.
With agents doing the bulk of the work, your engineers don't need a copy of the codebase on their laptop anymore. The VS Code extension streams the files they review on demand, and the web reviewer covers everything else — source code is never written to local disk. A lost laptop is a lost laptop, not a leaked codebase.
And because no one ever needs bulk access, bulk access becomes a signal. If a single identity opens hundreds of files inside an hour, GitDB notices instantly — throttles the session, alerts your team, and gives you the precise list of what was touched. It's a control plane that turns "did they walk out with the source?" from a guess into a one-line answer: no.
Full governance plane is available in Hosted mode on the Enterprise tier — see Two modes below.
GitDB Enterprise doesn't bolt security on top of a permissive system — it begins from the assumption that no identity, no session, and no network path is trusted by default. Every one of the four Zero Trust pillars maps directly to a capability you get on day one.
Every read, write, and merge is authenticated to an identity and authorized per-request — no shared tokens, no ambient trust. Humans and agents alike.
Scoped permissions enforced inside the database itself. Each identity sees only the repos, paths, and operations its role allows — nothing more, nothing wider.
Continuous behavioral verification. Bulk reads, off-hours access, and unfamiliar paths trigger throttling and alerts in real time — not in next week's log review.
Source code never sits on a laptop, in a CDN, or on a cached endpoint. Files stream on demand through the VS Code extension or the web reviewer, then disappear.
The same platform that lets your agent swarm move fast keeps your codebase from walking out the door. One system, two wedges, six capabilities.
No clones, no ZIP exports, no full-repo downloads — ever. Engineers review code through the VS Code extension or the web reviewer, streamed file-by-file. The source stays in GitDB; the laptop stays clean.
Run a team of specialist agents — architect, coder, reviewer, tester — handing work off through GitDB. Each one has its own identity, its own scoped access, and its own line in the audit trail. The swarm ships features; you keep the receipts.
Nobody opens 500 files in a minute by accident. Because agents now do the heavy work, those bursts have nowhere to hide — GitDB throttles the session, alerts your team, and hands you the precise list of files touched. The exfiltration playbook simply stops working.
Every human and every agent gets its own identity and its own scoped access. Onboard a contractor or spin up a swarm in seconds; close every active session in one click when the work is done.
Every file read, edit, and merge is captured with a precise timestamp and identity. Answer any governance question in seconds — “do they still have the code?” is no longer a guess.
Your security and quality policies run inside GitDB — catching stray secrets and banned dependencies before they ever land. Every contributor, human or agent, ships clean code by default.
With agents doing the bulk of the work, bulk file access becomes the signal — not the noise. Here's what a real exfiltration attempt looks like, on a laptop with disk encryption only and on GitDB Enterprise.
An engineer or compromised agent fires off bulk reads — hundreds of files in a single minute. With code on every laptop, this just looks like a normal IDE flexing. No system flags it.
Engineers don't need bulk access anymore — the agents do that work. So when an identity opens 500 files in 60 seconds, GitDB knows it's an anomaly the instant it starts. A signal fires, the session is throttled, and your team gets the file list.
Without per-file visibility, the question "what was just opened?" needs hours of correlating logs across endpoints, VPN, and the code host.
Reads slow to a trickle while your team looks at the live trail — every file this identity touched, in order, with timestamps. The full picture is on screen in under a minute.
Closing access means rotating keys, expiring sessions, waiting for caches. By the time the window shuts, the codebase may already be on a USB drive.
One click ends every session for that identity globally — across all devices, all clients, everywhere — in under a second. And because no code was ever written to disk, there's nothing on a laptop to chase.
"Do they still have the code?" is a guess. The honest answer is "we don't know for sure."
"Do they still have the code?" is a fact. The honest answer is "no — the source was never on their device, and here are the exact files they read."
Communication goes out under uncertainty: "we believe..." instead of "we know..."
The same query becomes the report. Conversations with leadership, customers, and regulators happen on a precise, attributable record.
The full governance plane lives in Hosted mode — where GitDB is the home for your code. Rolling it out isn't a quarter-long project. Here's what a typical first month looks like.
GitDB Enterprise is provisioned in Hosted mode. 50 repos import in under an hour. Engineers install the VS Code extension and open repos as `gitdb://…` workspaces — code streams on demand, nothing lands on the laptop. By end of day, the team is shipping.
Wire GitDB to your identity provider. Engineers sign in with their existing credentials. Every agent picks up its own per-seat API key with scoped permissions — no shared bot tokens, no ambient secrets.
Architect, coder, and reviewer agents take their first feature end to end — handing work off through GitDB in pointer-sized payloads. The PR lands the same afternoon, with every step attributed and replayable.
An identity hits 500 file reads in a minute. GitDB throttles the session, alerts ops, and surfaces the exact file list. Twenty minutes later the token is rotated and the team has a written record — no codebase ever left the vault.
An auditor asks: "who touched file X between dates Y and Z?" Used to take a week of log-digging. On GitDB, it's a single query — emailed in ten minutes flat.
Every milestone above ships with the Enterprise tier in Hosted mode. Proxy mode is for evaluation only — full audit, anomaly detection, and compliance evidence require GitDB to be your source of truth.
Go all-in with Hosted mode on the Enterprise tier — your code lives in GitDB, with the full governance plane: access, audit, guardrails, and anomaly detection. Or start with Proxy mode alongside your existing Git to pilot GitDB with zero migration friction.
One home for your source — GitDB. Your IP stays in one place, your team works from anywhere, and you get a single, complete record of every change. Hosted mode on Enterprise unlocks the full governance plane — audit, access, guardrails, and anomaly detection.
Run GitDB in front of your existing GitHub or GitLab — your team picks up the access layer, audit trail, and agent tooling in an afternoon. Because GitHub still holds ground truth, the full governance plane unlocks when you graduate to Hosted. Proxy is the easiest path to prove value before you migrate.
Both modes run on the same deployment options — Cloud or Self-hosted in your own infrastructure.
Choose how you run keyes.ai. Both options ship the identical platform — GitDB, Memory, and Vector — with full feature parity.
AWS · GCP · Azure
Deploy the full keyes.ai stack from your cloud provider's marketplace. One-click launch into your own VPC with your own encryption keys. Auto-updates, managed backups, and full platform support.
Your hardware · your rules
For teams whose data must stay on hardware they control. Install keyes.ai on any Linux server — air-gapped environments supported. Same product, your infrastructure, zero external dependencies.
Join the private beta. Get early access to GitDB, Memory, and Vector services.
* SOC2, HIPAA, FedRAMP, and ITAR certifications are actively in progress. Contact us for current attestation status.