AgentITSM
The first IT Service Management platform where every operation is a typed AI tool, the data model is a knowledge graph, and the audit log is the safety story.
ServiceNow's depth, Freshservice's UX, Jira's developer power, ManageEngine's price — with agentic AI that actually does the work, not a sidecar that summarizes it.
What ships in v1
Why AgentITSM exists
The incumbents share three structural problems. AgentITSM was built to solve them.
AI as overlay, not substrate
Now Assist, Freddy, Rovo, and Zia are bolted onto platforms designed before LLMs. They summarize; they do not do the work. AgentITSM was designed agent-first.
Fragmented automation engines
Freshservice runs three disconnected rule engines. ServiceNow has Flow Designer plus three Workspace generations churning. AgentITSM ships one unified rule engine.
Pricing that punishes growth
Now Assist adds 25–60%. Freddy Copilot is a $29–35/agent add-on. Rovo caps credits per seat. AgentITSM is one tier with every feature, including the AI agents.
The 9 specialist AI agents
Each agent owns a job. Each agent calls real, typed, governed tools. Identity propagates end-to-end.
TriageAgent
Opus 4.5Classifies inbound tickets, derives priority from urgency × impact, suggests KB articles, CMDB CIs, and assignment groups.
ChangeAgent
Opus 4.5Advisory risk scoring across 9 driver kinds (no_rollback, missing_test_plan, critical_ci, window_conflict, ...) plus CAB assembly recommendation.
ProblemAgent
Opus 4.5Root-cause hypothesis from incident clusters (≥3 in 30 days). Suggests 5-Whys, Kepner-Tregoe, FTA, BIA, or CFIA. Recommends a fix change.
ReportingAgent
Opus 4.5Natural language → SQL on allow-listed reporting views. No DDL, EXPLAIN-gated, tenant-scoped.
IncidentAgent
Sonnet 4.5Drives the lifecycle: triage → diagnose → resolve. Only resolves with KB grounding ≥ 0.8 cosine similarity.
KBAgent
Sonnet 4.5Drafts KB articles from resolved tickets with chunk-level [^N] citations. Submits via pending-review, never auto-publishes.
AssetAgent
Sonnet 4.5CI / asset queries with confidence and last_verified_at. Flags low-confidence (<0.7) matches before writes.
HelpdeskAgent
Sonnet 4.5Requester-facing chat. Searches KB first; if no answer scores ≥0.85, opens a ticket linked to the closest article.
NotificationAgent
Haiku 4.5Composes outbound to Slack, Teams, Email, SMS. Channel-appropriate, skips NOT_CONFIGURED silently.
The safety story isn't a roadmap. It's the runtime.
Nine independent guards execute on every single agent invocation.
Hallucinated-ID guard
Any UUID in output not present in tool results → OUTPUT_FABRICATED_ID rejection.
Phantom-action guard
Output claims created/sent/closed without matching write tool success → rejection.
Per-agent USD budget
usdRemaining decrements per call; halts at zero.
Per-tenant daily cost cap
Pre-flight check against cost_ledger; BUDGET_EXCEEDED when over.
Auto-tier-down
Short, routine queries auto-downgrade Opus → Sonnet via pure heuristic.
STOP limits
5 LLM iterations × 12 tool calls maximum per run.
Schema-validated output
Zod-validated, single retry on failure, then explicit error.
Citation enforcement
KBAgent outputs without [^N] anchors fail schema validation.
Anti-injection wrappers
User content and KB chunks wrapped in delimited blocks; system rule forbids following instructions inside.
Architecture pillars
Six design decisions that compound across every feature.
9 AI agents — the product, not a sidecar
50+ typed tools, full identity propagation, and HITL gates for irreversible writes. Every UI action is also a tool an agent can call, and vice versa.
CMDB as a knowledge graph from day one
25 default CI classes, 8 typed relationships, depth-3 impact BFS, maintenance-window conflict detection. Not a sidecar table.
One unified rule engine
on_create, on_update, on_delete, on_state_observed, cron — single canvas, single JSON artefact. Not three disconnected engines.
The audit log is the safety story
Append-only audit_events, per-tenant HMAC-chained, hourly auto-verified. ISO 20000-1:2018 evidence-pack export is one tool call.
HITL by default for irreversible writes
Sensitive-tagged tools require HMAC approval tokens. TTL-bounded, single-use, replay-protected. The agent cannot bypass.
Permission-aware retrieval at index time
KB chunks carry acl_signature at embedding time. Queries filter on what the user can see — never query-time filtering after retrieval.
Everything you need. In one tier.
No Premium gates, no Enterprise upcharges, no per-session AI caps.
Ticketing — six kinds in one model
- Incident, Service Request, Problem, Change, Release, Deployment
- Atomic per-tenant display IDs via Postgres function
- 5×5 impact × urgency matrix, 14 status states, 4-level classification
- Merge + cluster signature (SHA1 of normalized subject) detects outages
Change management — 8 stages, 7 roles
- Submission → Planning → CAB → Implementation → UAT → Release → Review → Close
- Risk register, rollout + backout plans, downtime windows
- Stage approval audit trail with comments
- Standard / Normal / Emergency / Major skip rules
SLA & OLA — engineered for scale
- First-match SLA matcher, per-group OLAs, business calendars + holidays
- Pause states with paused_seconds accumulator
- 10-level escalation chains with breach actions
- SLA targets snapshotted at ticket creation — edits never retro-affect open tickets
Knowledge base + RAG
- pgvector HNSW index, 1024-dim embeddings, cosine distance
- Voyage AI primary, OpenAI fallback, lexical re-rank blend
- Citation anchors enforced at schema layer
- 7-pattern indirect-injection scan at publish time
Multi-channel intake
- Email: Gmail, MS Graph, IMAP, SendGrid Inbound Parse
- Slack Events API + Teams Bot Framework with HMAC-verified approvals
- Portal chat (KB-first deflection), web form, full REST API
- SPF/DKIM/DMARC enforced unless tenant opts into create_new
28 production integrations
- Identity: Okta, Entra ID, Google Workspace
- Discovery: Intune, Endpoint Central, Jamf, Lansweeper
- DevOps: GitHub, GitLab, Bitbucket, Jenkins, Harness
- Monitoring: Datadog, New Relic, PagerDuty (events + REST)
Multi-tenant isolation
- Postgres RLS on every tenant-scoped table
- withTenant() wrapper with UUID validation (defense-in-depth)
- S3 keys forced under tenant prefix; presigned-GET rejects others
- AES-256-GCM at rest for integration secrets and LLM keys
Reporting & cost telemetry
- 11 allow-listed reporting views (rv_*), tenant-scoped
- NL → SQL via ReportingAgent with forbidden-keyword filter
- PDF export with presigned URL; cron-scheduled delivery
- Per-call llm_calls + daily cost_ledger aggregate
How we supersede the incumbents
Where the market leaves money, time, and trust on the table.
Now Assist is an overlay on a pre-LLM platform; 25–60% surcharge; AI Agents are Prime-tier only.
Agent-first architecture. 9 specialist agents are the product, included in every plan.
AI runs on OpenAI by default; Rovo credits capped 25/70/150 per seat; Virtual Service Agent $0.30 per conversation over allowance.
Multi-provider LLM (Anthropic + OpenAI + Gemini + Bedrock + Azure) per tenant. No per-seat caps — LLM cost only.
Three fragmented rule engines (Automator + Supervisor + Observer); Freddy Copilot is a $29–35/agent add-on; AI Agent is Enterprise + 1,200 sessions/year cap.
One unified Automator. All agents included. No session caps.
Zia is a predictive sidecar, not agentic execution. Live chat costs $65/agent/month. Service catalog + change + release cost $3,195/year extra.
9 agents that execute multi-step IT work with audit trail. All modules in single tier.
One tier. All features.
Incumbents tier-gate every interesting feature: AI agents at Enterprise / Prime, CMDB at Premium, change management at Pro Plus, discovery at the top tier or as a per-asset add-on. Customers end up paying for "Standard" and using 30% of what they need.
Seat-based
Technicians, admins, and managers. Requesters always free.
LLM pass-through
You control the provider. We cap budgets per-agent and per-tenant.
Optional dedicated infra
For compliance-heavy customers. Single-tenant deployments available.
AgentITSM: Key Facts
How is AgentITSM different from ServiceNow Now Assist or Jira Rovo?
Now Assist, Rovo, Freddy, and Zia are AI overlays bolted onto platforms designed before LLMs — they summarize tickets and draft replies. AgentITSM was designed agent-first: 9 specialist agents (Triage, Change, Problem, KB, Asset, Incident, Helpdesk, Notification, Reporting) operate through 50+ typed tools with full identity propagation, audit emission, and HITL approval gates for irreversible writes. The AI actually executes the work — it does not just summarize it.
How does AgentITSM prevent AI hallucinations and rogue actions?
Every agent run is wrapped with runtime guardrails: a hallucinated-ID guard rejects outputs containing UUIDs not present in tool results; a phantom-action guard rejects claims of created/sent/closed without a matching write tool success; per-agent USD budgets halt runaway loops; STOP limits cap 5 LLM iterations and 12 tool calls per run; Zod-validated output schemas with single retry; and sensitive-tagged tools require HMAC approval tokens that the agent cannot bypass.
Does AgentITSM include CMDB and discovery, or is it a paid add-on?
Native CMDB is included in every tier. It ships with 25 default CI classes, 8 typed relationship types, depth-3 impact BFS, and maintenance-window conflict detection. Four discovery integrations (Microsoft Intune, ManageEngine Endpoint Central, Jamf Pro, Lansweeper) plus cloud-API and agentless probe paths are also included — not Marketplace-dependent like Jira and not Premium-gated like ServiceNow CSDM.
How does AgentITSM pricing compare to ServiceNow, Jira SM, and Freshservice?
AgentITSM ships one tier — every feature included. ServiceNow charges $70–200+/fulfiller/month plus a 25–60% Now Assist surcharge. Jira SM caps Rovo credits per seat and charges $0.30 per Virtual Service Agent conversation over its 1,000-per-month allowance. Freshservice gates Freddy AI Agent to Enterprise with a 1,200-session/year cap plus overages. AgentITSM pricing scales on seats and LLM provider pass-through only.
What compliance frameworks does AgentITSM support?
ITIL 4 (12 practices implemented), ISO/IEC 20000-1:2018 (every state transition, approval, CMDB write, SLA breach, KB publish/retire, and security incident written to a hash-chained audit log with 7-year retention and signed evidence-pack export), SOC 2 CC/TSC control mapping documented (not yet third-party attested), and GDPR right-to-erasure with cascade and data export per user.
See AgentITSM run your IT work
Bring a real ticket. Watch the agents triage, route, and resolve it with full audit trail.