How It Works

Predict. Validate. Confirm.
Production reality, not just tests.

Legible's three-phase model validates every deployment against what your system actually does in production — building a Trusted Change Boundary before anything reaches your users.

Request early access See the three phases

The process

Three phases. One missing layer.

From the moment a deploy is triggered to production confirmation — Legible governs every step using evidence, not assumptions.

Understand

We ingest your existing OpenTelemetry traces and build versioned production fingerprints — a living map of how your services actually interact. No new instrumentation. No code changes.

From reality, not declarations

Predict

Before a deployment ships, Legible generates a hypothesis — the Inferred Intended Change — and validates it against staging behaviour. The result is a Trusted Change Boundary: the maximum allowed surface.

Before execution commits

Enforce

Production behaviour is checked against the boundary. Changes inside: explained. Changes outside: unexplained and flagged. Verdict: ALLOW, MONITOR, HOLD, or ESCALATE — with a full evidence chain.

Enforcement, not observation

💡

Phase 1

Hypothesis Generation

When a deployment is detected, Legible normalises evidence from your CI/CD pipeline, changelogs, PRs, feature flags, and config systems into a unified evidence model.

From this evidence, the system generates an Inferred Intended Change (IIC) — a structured prediction of what behavioural changes the deployment will produce.

The IIC is a hypothesis, not a source of truth. It has no governance authority on its own. It must be validated by what actually happens.

CI/CD webhook → Normalise evidence → Resolve identities → Generate IIC

IIC hypothesis — payment-svc v2.15.0
change_type: RETRY_CHANGE
affected_edge: payment → bank-integration
predicted_delta:
  retry_amplification: 1.5x
  structural_change: false
  new_edges: []
confidence: MEDIUM
# Changelog is structured but no stage evidence yet

🧪

Phase 2

Stage Validation & Trusted Change Boundary

After deployment to staging, Legible observes actual runtime behaviour and computes a Stage Behavioral Delta (SBD) — a multi-dimensional measurement across structural topology, traffic distribution, retry patterns, and latency.

The SBD is compared against the Phase 1 hypothesis. Verdicts: CONFIRMED, SUPERSET, SUBSET, DIVERGENT, or UNVERIFIABLE.

The system then constructs the Trusted Change Boundary — the maximum allowed surface — from stage-validated changes, confirmed predictions, known environment divergences, and bounded transitive dependencies.

Observe stage → Compute SBD → Validate vs IIC → Build boundary

Stage validation — payment-svc v2.15.0
stage_validation_verdict: SUPERSET
stage_behavioral_delta:
  retry_amplification: 3.5x  # predicted 1.5x
  structural_change: false
  new_edges: []
trusted_change_boundary:
  retry_ceiling: 3.5x       # stage-validated
  structural: no new nodes/edges
  boundary_confidence: HIGH
        

✅

Phase 3

Production Confirmation

After deployment to production, Legible computes a Production Behavioral Delta and checks it against the Trusted Change Boundary.

Changes inside the boundary: explained. Changes outside: unexplained and classified by confidence tier.

Governance confidence depends on the boundary, not prediction accuracy. Runtime behaviour is always the source of truth.

ALLOW

All changes explained

MONITOR

Partial match

HOLD

Unexplained changes

ESCALATE

Invariant violation

Production confirmation — PARTIAL_MATCH → HOLD
explained_changes:
  retry_amplification: 3.2x  # within boundary ✓
  latency_shift: +12ms       # within tolerance ✓unexplained_changes:
  new_edge: payment → notification-service
  # NOT in boundary — structurally significantverdict: PARTIAL_MATCH → HOLD
reason: "New dependency requires investigation"
        

The question isn't "is the system healthy?" — it's "did the deployment produce exactly what it was supposed to, and nothing else?"

Integration

Works with what you already have

No SDKs. No agents. No new instrumentation. Connect your existing telemetry and deployment pipelines.

📡

Telemetry

OpenTelemetry

Azure App Insights

AWS CloudWatch

GCP Cloud Logging

🚀

CI/CD & Deploy

GitHub Actions

GitLab CI

ArgoCD

Jenkins · Spinnaker

🚩

Feature Flags

LaunchDarkly

Statsig

Split

⚙️

Config & Infra

Terraform

Consul

Kubernetes · Helm

⏱️ 5 minutes to connect

🚫 Zero code changes

🔒 Read-only telemetry

Ready to see your production fingerprint?

We'll show you what Legible sees in your first 30 minutes — hidden dependencies, drift from recent deployments, and changes that are risky right now.

Get your Day-0 safety report →

Predict. Validate. Confirm. Production reality, not just tests.

Three phases. One missing layer.

Works with what you already have

Ready to see your production fingerprint?

Predict. Validate. Confirm.
Production reality, not just tests.