Useful without outside services.
adapterOS does sensitive document work without giving up local control. The work stays inside your boundary; this public website only handles inquiries.
Why finance teams choose adapterOS
Traceable for model-risk review
Give model-risk and validation a readable record of what ran and which sources it cited — aligned to SR 11-7 — instead of an opaque third-party chat API.
Books-and-records by default
AI-assisted interactions are captured for FINRA and SEC recordkeeping with their source citations, not lost inside a vendor API behind a token meter.
Inside the perimeter, no egress
Confidential filings, research, and client documents are processed on-premises with no egress, supporting SOX / GLBA and data-residency requirements.
What stays private
The security story is simple: name the boundary, name what stays inside it, and name what your reviewers can inspect later.
| Boundary | What stays private | What reviewers get |
|---|---|---|
| Your documents | Contracts, records, reports, and operational files stay in your environment. | Source-linked answers and a readable work record. |
| Daily operation | Sensitive workflows are designed to run locally or offline according to scope. | A packet showing what was used and what was produced. |
| Model training | Your operational records are not sent off to train someone else’s public model. | Clear deployment and data-handling terms. |
| Cost and usage | No surprise token-metered billing for the core document workflow. | Scoped engagement terms agreed before deployment. |
| This website | Inquiry and contact information only — not your production document work. | Published privacy policy and dependency disclosure. |
Deployment-runtime boundary and website dependencies: adapteros.com/security.
Boundary and dependency map
Residual risks
Supply chain integrity, insider risk, local privilege abuse, record deletion, and removable media handling. Offline shifts the problem from network defense to local controls and review discipline.
Mitigations
Model hash verification before use. Policy-bound workflows. Reviewable source trails. Change tracking. No outbound network calls. No telemetry. Explicit, verified updates.
Access control and isolation
Role-based access
RBAC and policy packs define what each role may do, enforced before a workflow is activated.
Tenant isolation
Workloads and evidence are isolated per tenant, so separate teams, programs, or classification levels do not share state.
Authenticated interfaces
Access to the web UI, REST API, and CLI is gated by JWT or API keys.
Security contact
Email: [email protected]
Acknowledge within 2 business days. Initial assessment within 5 business days.
On-prem adapterOS has no required external service dependency for sensitive document work. Website dependencies disclosed publicly: Resend (email delivery) and Cloudflare (hosting).
Start with a fixed-scope field deployment
One workflow, your environment, hardware included — roughly 4–8 weeks from kickoff. Local, offline-capable, and priced by scope — not by the token. You leave with a review record you can show security and compliance, whether or not you proceed.