Security
adapterOS is designed for sensitive document work in environments where data movement, local access, and reviewer trust matter.
Why government teams choose adapterOS
Keep agency records in bounds
Run document work inside the agency environment instead of sending records, case files, or procurement materials to an unmanaged cloud tool.
Make disclosure review easier
Answers keep citations, source locations, and reviewer notes attached so legal and records teams can inspect what happened later.
Fit public-sector governance
The workspace is scoped around approved sources, role boundaries, update control, and the evidence IT and program owners need before expanding use.
Threat model
Primary attack surfaces
Supply chain integrity, insider risk, local privilege abuse, record deletion, and removable media handling. Offline shifts the problem from network defense to local controls and review discipline.
Mitigations
Model hash verification before use. Policy-bound workflows. Reviewable source trails. Change tracking. No outbound network calls. No telemetry. Explicit, verified updates.
Access control and isolation
Role-based access
RBAC and policy packs define what each role may do, enforced before a workflow is activated.
Tenant isolation
Workloads and evidence are isolated per tenant, so separate teams, programs, or classification levels do not share state.
Authenticated interfaces
Access to the web UI, REST API, and CLI is gated by JWT or API keys.
Security contact
Email: [email protected]
Acknowledge within 2 business days. Initial assessment within 5 business days.
On-prem adapterOS has no required external service dependency for sensitive document work. Website dependencies disclosed publicly: Resend (email delivery) and Cloudflare (hosting).
Start with a fixed-scope pilot
One workflow, your environment, hardware included — roughly 4–8 weeks from kickoff. You leave with a replayable evidence record you can show your reviewers, whether or not you proceed.