Useful without outside services.
adapterOS does sensitive document work without giving up local control. The work stays inside your boundary; this public website only handles inquiries.
Why government teams choose adapterOS
Every answer points to the record
Each answer traces back to the procurement packet, case file, or program record it came from — not unsourced output to chase down later.
A record for disclosure review
Citations, source locations, and reviewer notes stay attached so legal and records teams can inspect what happened — FOIA and public-records ready.
Inside the agency, accountable
Runs inside the agency environment, scoped to approved sources and role boundaries, aligned to FedRAMP / FISMA and the NIST AI RMF.
What stays private
The security story is simple: name the boundary, name what stays inside it, and name what your reviewers can inspect later.
| Boundary | What stays private | What reviewers get |
|---|---|---|
| Your documents | Contracts, records, reports, and operational files stay in your environment. | Source-linked answers and a readable work record. |
| Daily operation | Sensitive workflows are designed to run locally or offline according to scope. | A packet showing what was used and what was produced. |
| Model training | Your operational records are not sent off to train someone else’s public model. | Clear deployment and data-handling terms. |
| Cost and usage | No surprise token-metered billing for the core document workflow. | Scoped engagement terms agreed before deployment. |
| This website | Inquiry and contact information only — not your production document work. | Published privacy policy and dependency disclosure. |
Deployment-runtime boundary and website dependencies: adapteros.com/security.
Boundary and dependency map
Residual risks
Supply chain integrity, insider risk, local privilege abuse, record deletion, and removable media handling. Offline shifts the problem from network defense to local controls and review discipline.
Mitigations
Model hash verification before use. Policy-bound workflows. Reviewable source trails. Change tracking. No outbound network calls. No telemetry. Explicit, verified updates.
Access control and isolation
Role-based access
RBAC and policy packs define what each role may do, enforced before a workflow is activated.
Tenant isolation
Workloads and evidence are isolated per tenant, so separate teams, programs, or classification levels do not share state.
Authenticated interfaces
Access to the web UI, REST API, and CLI is gated by JWT or API keys.
Security contact
Email: [email protected]
Acknowledge within 2 business days. Initial assessment within 5 business days.
On-prem adapterOS has no required external service dependency for sensitive document work. Website dependencies disclosed publicly: Resend (email delivery) and Cloudflare (hosting).
Start with a fixed-scope field deployment
One workflow, your environment, hardware included — roughly 4–8 weeks from kickoff. Local, offline-capable, and priced by scope — not by the token. You leave with a review record you can show security and compliance, whether or not you proceed.