Enterprise
Open-source security. Enterprise-grade controls.
Baker Street is a self-hosted, MIT-licensed AI agent platform that replaces trust-based security with platform-enforced guarantees. Every agent runs in its own isolated pod with defense-in-depth controls that map to frameworks your security team already knows.
Single-process bot vs. Baker Street
| Category | Single-Process Bot | Baker Street |
|---|---|---|
| Isolation | Shared memory space; one agent can access another's data | Each agent runs in its own Kubernetes pod with namespace separation and default-deny networking |
| Audit | Application-level logging, easily modified or disabled | HMAC-chained tamper-evident audit trail forwarded to external SIEM |
| Extensions | Plugins run in-process with full access to host | Extensions execute in sandboxed sidecars with scoped permissions and resource limits |
| Memory | Shared database or in-memory store across agents | Per-agent persistent volumes with encrypted-at-rest storage and RBAC-scoped access |
| Scaling | Vertical scaling on a single host | Horizontal auto-scaling via Kubernetes HPA with pod-level resource isolation |
| Security | Trust-based: relies on agent code behaving correctly | Platform-enforced: non-root, read-only FS, seccomp, drop ALL capabilities, signed images |