Security

Sealed by design.

Security here is a feature, shown with quiet confidence. Everything a CISO or a floor-level auditor needs to relax is built into the product, not bolted on after. It runs entirely inside your perimeter and never calls an external AI provider.

Zero egress · sealed

Sealed · zero egress

Live on every deployment. Outbound attempts are counted and logged; the count has never moved.

outbound attempts

0

Zero data egress

Outbound is default-deny at the firewall. No log line, prompt, or answer can leave your network. The deny log is your standing evidence; it stays empty.

On-prem & air-gap

Runs fully offline. No license phone-home, no telemetry, no model sync. Air-gapped installs ship as signed, hash-verified bundles.

Role-based access

Every role is scoped to explicit folder prefixes. Each ClickHouse query and vector search is filtered server-side, so a role can never read outside its scope.

Immutable audit trail

Every question is recorded and hash-chained to the previous row. Tamper is detectable; the ledger forwards to your SIEM over CEF.

Your own weights

Orbis is fine-tuned on your logs and served from your hardware. The weights never leave, never sync to a vendor, and are hashed for attestation.

Attestation pack

One export gives compliance the firewall rules, SBOMs, image digests, and signed model hashes: everything an auditor asks for, on demand.

How it's enforced

Egress is denied by default, and proven.

The host firewall denies all outbound traffic except your internal networks. Every blocked attempt is logged, so the deny log doubles as standing compliance evidence. A one-line test in your pipeline proves no container can reach the internet.

  • Outbound is default-deny; only your internal network ranges are allowed
  • Every service runs fully offline, with telemetry disabled
  • Air-gapped installs verify signatures before anything runs
Egress verification

PASS

egress blocked

Outbound attempts0
External AI calls0

Every deployment proves, in its own pipeline, that no service can reach the public internet. The result and the empty deny log are recorded as standing evidence for your auditors.

Attestation pack

Everything compliance asks for, exported inside your network.

A single, current bundle you hand to auditors. Generated on demand from the live system, never fetched from us.

Firewall egress export

CSV

the egress ruleset and the empty deny log

Software bill of materials

SPDX

every image and package, versioned

Model weight hashes

TXT

SHA-256 of every served weight file

Container image digests

TXT

pinned digests for every running service

Signed attestation manifest

JSON

the above, signed with your key

Network diagram

PDF

data-flow + trust boundary reference

Independently attested

SOC 2 Type II and ISO 27001 aligned. Reports available under NDA.

SOC 2 Type IIISO 27001GDPR-readyHIPAA-aligned

Talk to security

Bring your compliance team. We speak their language.

We walk your security and audit teams through the trust boundary, the attestation pack, and the air-gap install, before a single log is ingested.