Security
adapterOS is for teams that need AI help without giving up privacy, offline control, or a compliance story they can defend. Sensitive work stays local; the public website only handles inquiries.
What stays private
The security story is simple: name the boundary, name what stays inside it, and name what your reviewers can inspect later.
| Boundary | What stays private | What reviewers get |
|---|---|---|
| Your documents | Contracts, records, reports, and operational files stay in your environment. | Source-linked answers and a readable work record. |
| Daily operation | Sensitive workflows are designed to run locally or offline according to scope. | A packet showing what was used and what was produced. |
| Model training | Your operational records are not sent off to train someone else’s public model. | Clear deployment and data-handling terms. |
| Cost and usage | No surprise token-metered billing for the core document workflow. | Scoped engagement terms agreed before deployment. |
| This website | Inquiry and contact information only — not your production document work. | Published privacy policy and dependency disclosure. |
Deployment-runtime boundary and website dependencies: adapteros.com/security.
Threat model
Primary attack surfaces
Supply chain integrity, insider risk, local privilege abuse, record deletion, and removable media handling. Offline shifts the problem from network defense to local controls and review discipline.
Mitigations
Model hash verification before use. Policy-bound workflows. Reviewable source trails. Change tracking. No outbound network calls. No telemetry. Explicit, verified updates.
Access control and isolation
Role-based access
RBAC and policy packs define what each role may do, enforced before a workflow is activated.
Tenant isolation
Workloads and evidence are isolated per tenant, so separate teams, programs, or classification levels do not share state.
Authenticated interfaces
Access to the web UI, REST API, and CLI is gated by JWT or API keys.
Security contact
Email: [email protected]
Acknowledge within 2 business days. Initial assessment within 5 business days.
On-prem adapterOS has no required external service dependency for sensitive document work. Website dependencies disclosed publicly: Resend (email delivery) and Cloudflare (hosting).
Start with a fixed-scope pilot
One workflow, your environment, hardware included — roughly 4–8 weeks from kickoff. Private, offline-capable, and priced by scope — not by the token. You leave with a review record you can show security and compliance, whether or not you proceed.