Trust & Security

Security by architecture,
not afterthought.

Orqista is designed so your code and data stay under your control. Whether you choose cloud or self-hosted, security is built into every layer.

Data Sovereignty

Your code stays under your control. Self-hosted Orqista means no external API calls, no cloud dependencies, no data leaving your network. Cloud Orqista uses isolated, encrypted infrastructure — your data is never shared or used for model training.

  • Self-hosted: zero external data transfer
  • Cloud: isolated, encrypted tenancy
  • No model training on your code — ever
  • Full data retention and deletion controls

GDPR / DSGVO Compliance

Designed for European compliance requirements from the ground up.

  • EU data residency for cloud deployments
  • No model training on customer data
  • Data minimization — agents access only what they need
  • Right to deletion and data portability
  • No external tracking, analytics, or cookies

Access Control

Secure authentication and authorization for every endpoint.

  • API key authentication for all requests
  • Secrets are automatically redacted in responses and logs
  • Full audit trail for every agent action
  • Configurable approval authorization per user

Agent Safety

Multiple layers of constraint ensure AI agents never exceed their boundaries.

  • Three-layer guardrail system (global, project, task)
  • Human approval gates before code execution
  • Command allowlists prevent unauthorized operations
  • Input sanitization on all endpoints

Encryption

Data protection in transit and at rest.

  • TLS 1.2+ for all communications
  • AES-256 encryption at rest
  • Secrets managed via environment variables or parameter store
  • No plaintext credentials in logs

Offline Capability

For the highest security requirements, run without any internet connectivity.

  • Local AI models via Ollama
  • Zero internet dependency after setup
  • Air-gapped environment support
  • Full platform functionality offline

Security questions? Let's talk.

Request access and we'll walk through our security architecture for your specific compliance requirements.

Request Early Access