TechnologyArchitecture overview

Local control. Policy scope.Audit-ready operation.

Architecture choices prioritise local decisions, clear controls, and safe change discipline.

On-device controlSigned updatesRollback readyLocal logs
Layer 01

Local decision engine

Local decisions analyse behavioural signals.

Trigger policy pathways.

Layer 02

Policy control plane (on-device)

On-device policy defines control boundaries.

Restriction, containment, segmentation, escalation.

Layer 03

Signed updates + rollback

Signed updates.

Rollback ready.

Layer 04

Local audit logs

Local logs preserve reviewable decisions.

Operational traceability stays available.

Differentiator 01

Governance-first control

  • Policy boundaries are explicit.
  • Approvals define action scope.
  • Escalation paths stay operator-owned.
Differentiator 02

Audit-first outputs

  • Decision trails are a core deliverable.
  • Actions link to policy triggers.
  • Review stays clear under pressure.
Differentiator 03

Safe change discipline

  • Signed updates.
  • Rollback ready.
  • Controlled rollout windows.
Design rules

Operational discipline first

  • Local authority remains primary.
  • Policy defines control boundaries.
  • Change discipline supports safe rollout.
  • Audit records support governance review.
Privacy posture

Core mode avoids payload inspection

  • No raw traffic export by default.
  • Opt-in sharing only when policy allows.
  • Reviewable actions remain local.
Operating model

Stage before you automate

  • Start alert-only.
  • Run guided actions with review.
  • Move to enforcement when approved.

Core mode avoids payload inspection requirements.