Boundary-resident by design
The provenance graph, indexes, and retrieval run inside your boundary — a customer-owned data plane in your VPC, or fully on-premises. There is no central cloud index of your raw documents for an attacker to reach, because the product is not built around one. This removes an entire class of exposure that ranked-search products carry by construction.
On-device redaction
The local agent runs on the device or inside the data plane and redacts sensitive content before any model processes it. Only claims and redacted quotes synchronise onward. Raw files are not shipped to a central service to make features work.
Permission-first retrieval
Access controls are enforced before retrieval, not after. Every claim carries its ACL, and an answer is assembled only from evidence the requester is entitled to see. Permission checks are part of the data model, so they cannot be skipped by a query path.
Signed requests and device audit
The local agent signs its requests and keeps a tamper-evident local audit trail. Where evidence moves between a device, an edge relay, and the data plane, hops are signed, so the chain of custody is verifiable rather than assumed.
Tamper-evident certificates
Every published answer ships a Merkle certificate over its claim → evidence → ACL chain. You can verify it independently. This gives your security and audit teams a concrete artefact to check — provenance you can prove, not a score you have to believe.
Human approval gates
Model output never becomes authoritative knowledge without passing the verification queue, where a human reviewer approves it under your installation’s rules. Where automatic actions are possible, they are a setting your administrators control and are surfaced for attention, not run silently. The platform is built so the default posture is human oversight.
Audit trails
What was captured, structured, approved, retrieved, and acted upon is recorded and reviewable. Source history is preserved when evidence is updated or contradicted, so a reviewer can reconstruct how a piece of knowledge reached its current state.
Deployment profiles
Choose the profile your risk posture requires: managed SaaS for lower-sensitivity teams, hybrid with a customer-owned data plane as the recommended default for sensitive content, or on-premises — including air-gapped — with routing to private or open-weight models. Sensitive content and indexes live in the plane you own.
Compliance readiness — stated honestly
Evodira is built for SOC 2 and GDPR from the architecture up, with data residency, redaction, audit trails, and human approval as first-class controls. We are tracking EU AI Act readiness ahead of the 2 August 2026 obligations.
These statements describe our posture and direction, not certifications we claim to have already obtained. We will share the current state of our documentation, controls, and any attestations directly with you during a security review or pilot.
Reporting a vulnerability
If you believe you have found a security issue, please contact us at security@evodira.com. We take reports seriously and will work with you on responsible disclosure.
Questions about any of this? Write to us at hello@evodira.com. We will share current documentation and attestations during a pilot.