Security & Governance

Built to pass your security review.

⦃param⦄ ai/Studio runs inside your perimeter, on your cloud or on-premises, under your keys — and nothing leaves. Governance isn't a setting you switch on; it's structural. Every agent is traceable, reproducible and cost-bounded the moment it runs.

01 · where it runs
single-tenant · your perimeter · no data egress
Figure: deployment topology · your cloud or datacentre · single-tenant
Your perimeter (your cloud account / VPC, your keys): users sign in through SSO to the App / Portal (SSO · RBAC middleware), which holds no data and no model keys. Only public inbound: TCP 443.
Private subnet, no public IP: the Edge Cluster, with Minds (orchestration), Knowledge Graph (your documents, indexed), Event Gateway (immutable audit trail), Model Gateway (routing, token metering), Entity & Sessions (row-level agent scoping) and Semantic Index (scoped to chunks). JWT validated.
Your model factory or endpoint (optional, your choice): outbound only, 443; no inbound ports opened.
02 · how to think about it

Two promises: how every agent behaves, and where it all runs.

Security questions about enterprise AI fall into two buckets. The first is about behaviour — can you trust what the agent does? The second is about sovereignty — where does your data live and who can reach it? ⦃param⦄ ai/Studio answers both by structure, not by policy you have to configure.

Governance
how every agent behaves
Trace, reproducibility and the cost ceiling are compiled into each agent — properties of how it executes, not switches anyone can turn off.
Security
where it runs & who can touch it
The whole platform deploys inside your perimeter, single-tenant, under your keys — with your data, your knowledge graph and your audit trail never leaving your tenancy.
03 · governance, by structure

Five guarantees, built into how every agent runs.

When you design an agent here, its plan is compiled and locked. These five properties come from that compiled plan — which is why they hold on every run, and why no one can quietly switch them off.

Traceable
Every step is event-sourced. You can replay exactly what ran, in what order, on what input — for any run, at any time.
Reproducible
The same input follows the same locked plan to the same result. No drift between runs, no surprise behaviour in production.
Cost-bounded
A run carries a budget it cannot exceed. Spend is metered per step and capped — runaway loops simply can't happen.
Behaviourally safe
Each operator runs within declared bounds — the tools it may call, the data it may touch, the actions it may take are fixed at design time.
Change-controlled
Every change to an agent is versioned and reviewable. What's in production is a known, signed-off plan — not a prompt someone edited last night.

Each of these is patent-backed — properties of the compiled plan, not features layered on top.

04 · data sovereignty

Your data stays yours. All of it.

Single-tenant, deployed where your data already lives. Your documents, your knowledge graph, your keys and your audit trail never leave your tenancy. The only thing that ever crosses the boundary is a model request you chose to make — and even that can be pinned to a model inside your perimeter, so nothing leaves at all.

Figure: data sovereignty · the boundary · no data egress
Stays in your tenancy (single-tenant · deployed where your data already lives · air-gap supported):
Your documents & data: files, records, the knowledge graph
Encryption keys: customer-held, never shared
The audit trail: every step, in your tenancy
Model credentials: held by you, used in place
Embeddings, sessions, intermediate state: computed and stored inside the perimeter, nothing staged outside
Leaves, only if you choose (outbound · 443 · you can pin it to a local model):
A single model request to the model you chose: your factory, your endpoint, or a local model (nothing leaves)
05 · access & isolation

Who can reach what — decided by your identity, enforced per agent.

Your identity provider
Single sign-on through your existing SSO and directory. Access is your identity team's call, governed by your existing groups and policies.
Role-based access control
Every request is checked against role and permission before it reaches an agent. The user-facing layer holds no data and no model keys.
Per-agent isolation
Each agent runs in its own namespace, with its data scoped and partitioned. One agent cannot see another's data or reach beyond its declared scope.
Private by network
The core runs in a private subnet with no public IP. The only public surface is the sign-in layer; everything else is unreachable from outside.
Encrypted throughout
Data is encrypted in transit and at rest, under keys you hold. Credentials live in your secret store, used in place, never shared with us.
An immutable audit trail
Every step every agent takes is written to an append-only record in your tenancy — the evidence your auditors and regulators ask for.
06 · certifications & compliance

The attestations your reviewers will ask for.

ISO 27001
Certified.
SOC 2 Type I
In progress.
EU AI Act
Designed to align — traceability and governance are built in.
Audit & attestation
Immutable per-step trail for reporting and review.

The structural guarantees do a lot of the compliance work for you: when every run is traceable and reproducible by design, the evidence an auditor needs is already there — not something you assemble after the fact.

questions security teams ask

Straight answers for your review.

Does our data ever leave our environment?
No. ⦃param⦄ ai/Studio is single-tenant and deployed inside your own perimeter. Your documents, knowledge graph, embeddings, keys and audit trail all stay in your tenancy. The only thing that can cross the boundary is a model request you choose to make — and that can be pinned to a model running inside your perimeter, so nothing leaves at all.
Can it run on-premises or air-gapped?
Yes. The platform deploys as a self-contained edge cluster on OCI, GCP, AWS, Azure or on-premises, including air-gapped environments. When paired with a local model, it operates with no outbound connectivity at all.
How are agents isolated from one another?
Each agent runs in its own namespace with its data scoped and row-level partitioned, and access governed by your identity provider's groups. One agent cannot read another's data or act beyond the scope declared for it at design time.
Who holds the encryption keys and model credentials?
You do. Data is encrypted in transit and at rest under customer-held keys, and model credentials live in your own secret store and are used in place. They are never shared with or transmitted to ⦃param⦄.
What certifications do you hold?
⦃param⦄ ai/Studio is ISO 27001 certified, with SOC 2 Type I in progress. The platform is designed to align with the EU AI Act, and its built-in traceability supports the audit and attestation reporting reviewers require.
How do we prove to an auditor what an agent did?
Every step every agent takes is event-sourced to an immutable, append-only audit trail held in your tenancy. Any run can be replayed exactly — same input, same plan, same result — which is the evidence auditors and regulators ask for.
for your security team

Send us your security questionnaire.

We'll map ⦃param⦄ ai/Studio to your controls, walk your architects through the deployment, and share our security pack. Bring your hardest requirements.
