Security is the product, not a feature.
Vorsal OS is built for organisations that cannot send their data to public AI. Isolation, access control, audit, and sovereign deployment are foundational — not bolted on at the edge.
Seven controls, enforced at every layer.
Data isolation
Tenant-isolated by design. Your data never mingles with another customer's and never leaves your boundary.
IP-restricted access
Lock the platform to your networks. Allow-list by IP range, VPN, or private link.
Identity & SSO
Enterprise SSO and SCIM provisioning through Entra ID, Google Workspace, and Okta.
Role-based access
Granular RBAC at every layer — skills, data, agents, workflows, and audit.
Audit logging
Every action, retrieval, and decision is logged, immutable, and exportable to your SIEM.
Encryption
Encrypted at rest and in transit, with customer-managed keys (CMK) and key rotation.
Sovereign deployment
Deploy into a region and jurisdiction you control, including air-gapped environments.
Runs where your data is allowed to live.
Choose the boundary that satisfies your regulator. The same platform, deployed into the environment you control.
VPC
Inside your own virtual private cloud on AWS, Azure, or GCP.
Private cloud
A dedicated, single-tenant managed environment.
On-premises
In your own data centre, fully under your control.
Sovereign region
Pinned to a jurisdiction to satisfy data-residency law.
Government cloud
Deployed into accredited government cloud regions.
Air-gapped
Disconnected operation for the highest-sensitivity workloads.
Your identity provider, from day one.
Single sign-on and provisioning through the directories you already run. Access decisions inherit your existing groups and policies.
An honest compliance posture.
We don't claim certifications we don't yet hold. The architecture and deployment model are the proof today; formal attestations are on the roadmap, and the design is built to drop them in.
SOC 2 Type II
ISO 27001
GDPR
HIPAA
// Status reflects current state as of 2026. "Designed to support" means the control environment is built to meet the standard's requirements; formal third-party attestation is in progress and will be published here when complete.
Bring your toughest security questions.
A working session with our security and engineering teams — architecture review, data-handling, deployment topology, and your specific regulatory requirements.