Orchestrate your security team like an orchestra.

Okesu coordinates a fleet of AI agents across your hosts. Findings, investigations, and response — all under one control plane.

Install Okesu → View on GitHub →
Control Plane Daimons Agents Orchestrations

Daimons

The long-running daemon installed on each host. Listens for run dispatches, executes agents, streams findings back.

Learn more →

Agents

Prompt-driven workers (Claude, Codex, your own). They run on the daimon, emit structured findings as JSONL.

Learn more →

Orchestrations

YAML specs that sequence agents into playbooks. Fan out across hosts, gate on approval, branch on results.

Learn more →

Federated control plane

Run one CP per environment, federate them into a hierarchy. Findings + runs flow upstream; commands flow down.

Multi-provider agents

Run Claude, Codex, or your own provider. Same dispatch surface, same JSONL contract.

Investigations as a workspace

Group findings into a case file. Notes, timeline, and orchestrations all hang off one investigation entity.

Approval gates + action allowlists

Step-level human approval. Per-class allowlists for what an orchestration can mutate.

Per-host fan-out

Run an agent on N hosts in parallel; live histogram + per-host status in the run viewer.

Single-binary install

okesu and okesu-cp are static Go binaries. No runtime, no agent framework dependencies, just drop in.