Useful without outside services.
adapterOS does sensitive document work without giving up local control. The work stays inside your boundary; this public website only handles inquiries.
Why defense teams choose adapterOS
Every answer traces to the source
Each answer points back to the contract packet, CUI, or technical-data record it came from — no unsourced output to chase down before it can be trusted.
A receipt assessors can read
Each run leaves a review record your security and accreditation stakeholders can inspect — aligned to CMMC 2.0 and NIST SP 800-171/172.
Inside the boundary, no egress
Runs on air-gapped or contested networks with no routine egress — the packet never leaves for a cloud AI service, and there is no token meter attached.
What stays private
The security story is simple: name the boundary, name what stays inside it, and name what your reviewers can inspect later.
| Boundary | What stays private | What reviewers get |
|---|---|---|
| Your documents | Contracts, records, reports, and operational files stay in your environment. | Source-linked answers and a readable work record. |
| Daily operation | Sensitive workflows are designed to run locally or offline according to scope. | A packet showing what was used and what was produced. |
| Model training | Your operational records are not sent off to train someone else’s public model. | Clear deployment and data-handling terms. |
| Cost and usage | No surprise token-metered billing for the core document workflow. | Scoped engagement terms agreed before deployment. |
| This website | Inquiry and contact information only — not your production document work. | Published privacy policy and dependency disclosure. |
Deployment-runtime boundary and website dependencies: adapteros.com/security.
Boundary and dependency map
Residual risks
Supply chain integrity, insider risk, local privilege abuse, record deletion, and removable media handling. Offline shifts the problem from network defense to local controls and review discipline.
Mitigations
Model hash verification before use. Policy-bound workflows. Reviewable source trails. Change tracking. No outbound network calls. No telemetry. Explicit, verified updates.
Access control and isolation
Role-based access
RBAC and policy packs define what each role may do, enforced before a workflow is activated.
Tenant isolation
Workloads and evidence are isolated per tenant, so separate teams, programs, or classification levels do not share state.
Authenticated interfaces
Access to the web UI, REST API, and CLI is gated by JWT or API keys.
Security contact
Email: [email protected]
Acknowledge within 2 business days. Initial assessment within 5 business days.
On-prem adapterOS has no required external service dependency for sensitive document work. Website dependencies disclosed publicly: Resend (email delivery) and Cloudflare (hosting).
Start with a fixed-scope field deployment
One workflow, your environment, hardware included — roughly 4–8 weeks from kickoff. Local, offline-capable, and priced by scope — not by the token. You leave with a review record you can show security and compliance, whether or not you proceed.