How does ΔOS integrate with existing agents?

ΔOS provides a lightweight SDK that wraps agent actions. Agents submit intents to ΔOS, receive judgments, and report outcomes. Integration typically takes less than a day for most agent frameworks.

What deployment options does ΔOS support?

ΔOS supports Cloud (fully managed SaaS), VPC (deployed in your virtual private cloud), Hybrid (control plane in cloud, data plane in your infrastructure), and On-Premises (fully deployed in your data center) deployment modes.

ΔOS pricing scales with governance capacity and verified value, not headcount. Self-serve evaluation is available with read-only access and simulated data.

Security Controls

ΔOS security is configurable by deployment mode. Every control is auditable.

Controls Registry

Security controls implemented in the governance engine.

Access Control

AC-1Role-Based Access Control (RBAC)

implemented

Tenant-scoped roles: Owner, Admin, Operator, Auditor, Viewer

AC-2API Token Scoping

implemented

Tokens scoped to specific capabilities and expiration

AC-3Session Management

implemented

Secure session handling with configurable TTL

Audit & Logging

AU-1Immutable Audit Trail

implemented

Hash-chained audit events for all state changes

AU-2Decision Replay

implemented

Deterministic replay of any historical judgment

AU-3Auditor Mode

implemented

Time-boxed read-only access for compliance review

Data Protection

DP-1Tenant Isolation

implemented

Strict tenant boundary enforcement at all layers

DP-2Encryption at Rest

configurable

AES-256 encryption for stored data

DP-3Encryption in Transit

implemented

TLS 1.3 for all API communications

Governance

GV-1Deterministic Decisions

implemented

All governance decisions computed without LLM influence

GV-2Kill Switch

implemented

Immediate execution halt per environment

GV-3Trust Gating

implemented

Tiered trust levels with configurable thresholds

Deployment Modes

ΔOS can be deployed in multiple configurations based on your requirements.

Cloud (SaaS)

Fully managed deployment in ΔOS infrastructure. Fastest time to value.

Data Residency: US (default), EU, APAC available

Compliance: SOC 2 Type II, ISO 27001

Best for: Teams prioritizing speed and minimal operational overhead

VPC

Deployed in your cloud account (AWS, GCP, Azure). You control the infrastructure.

Data Residency: Your cloud region of choice

Compliance: SOC 2 Type II, HIPAA eligible, Custom

Best for: Organizations with specific cloud or compliance requirements

Hybrid

Control plane in ΔOS cloud, data plane in your infrastructure.

Data Residency: Sensitive data stays in your environment

Compliance: Custom compliance configurations

Best for: Organizations needing data locality with managed control plane

On-Premises

Full deployment in your data center. Complete isolation.

Data Residency: Your data center

Compliance: Air-gapped capable, Custom compliance

Best for: Regulated industries with strict data sovereignty requirements

Data Residency

Data location is configurable based on deployment mode and compliance requirements.

All deployment modes support configurable data residency. Audit data retention periods are configurable per tenant.

When Things Go Wrong

ΔOS decisions are deterministic. When a governance decision contributes to an incident:

Replay

Every decision can be reproduced with identical inputs. The same evidence, policy, and LIM version always produce the same judgment.

Root Cause

Policy version, evidence bundle, and LIM version are fully documented for every decision. The exact reason for any outcome is recoverable.

Accountability

Decision chain shows exactly what was evaluated: intent → evidence → policy → judgment → execution → outcome.

Correction

Policy updates prevent recurrence. LIM versions are immutable, so corrections require explicit policy or LIM changes.

ΔOS does not hide failures. It documents them.

Contact for Security Assessment →