Everything in Agency, plus the controls a 200-engineer org needs to ship Archiet through legal, security, and IT review without a single bespoke patch.
Generated codebases ship with control matrices, populated runbooks, and DSAR + erasure runbooks. Auditor evidence packs available under NDA.
SOC 2 Type II | Audit-ready (audit in progress) | Control matrix + auditor evidence pack on request
HIPAA | Strict-mode flag + BAA | PHI segregation, encryption-at-rest with CMEK
FedRAMP | Moderate / High profiles | Control mapping + STIG-hardened deployment
PCI-DSS L1 | Scope-minimization patterns | Tokenised PCI flows in generated code
GDPR + UK GDPR | Yes — DPA + EU residency | Frankfurt region, sub-processor list published
ISO 27001 | Control mapping documented | Annex A controls mapped per workspace
NIS2 / DORA | Mapped controls | EU operational resilience reporting templates
Shared infrastructure with row-level security per workspace. EU or US residency.
Best for: organisations comfortable with a SaaS posture and a SOC 2 Type II vendor.
Your AWS / Azure / GCP account, your region, your encryption keys (CMEK). Network-isolated from other tenants.
Best for: regulated industries (healthcare, finance, public sector) with strict tenancy requirements.
Helm chart for Kubernetes. Local LLM providers (vLLM, llama.cpp, Triton). Zero outbound network requirement after install.
Best for: defence, intelligence, classified workloads, or industries with no-cloud mandates.
Service credits issued automatically when uptime drops below 99.9% in any monthly billing period. status.archiet.com tracks live availability.
P1 — Production down | 1 hour | 4 hours target | 24×7 — pager + Slack
P2 — Degraded | 2 hours | 8 business hours | Slack + email
P3 — Functional issue | 1 business day | Next release window | Slack + email
P4 — Question / request | 2 business days | Roadmap or runbook | Slack + email
Pre-answered so the procurement cycle takes weeks, not quarters. Anything not covered here, we will answer in writing within 2 business days.
Yes. All three are negotiated as part of Enterprise onboarding. We start from your paper or ours. Standard turnaround for redlines is 5–10 business days. Subprocessor list, sub-region commitments, and breach-notification windows are all configurable.
Yes. We respond to CAIQ Lite, SIG Lite, and custom questionnaires within 5 business days. We can also share our pen-test summary and SOC 2 Type II progress letter under NDA.
Yes — Helm chart for Kubernetes, support for offline LLM providers (vLLM, llama.cpp, Triton), and customer-managed encryption keys. The on-prem option ships without any outbound network requirement once installed.
Dedicated VPC tier provides full network isolation: separate database, separate object storage, separate compute. Multi-tenant tier uses Postgres row-level security (RLS) keyed by workspace_id and cryptographic tenant separation on object storage.
No. We do not train on customer data. BYOK means your LLM provider keys never touch our inference layer. We can sign explicit no-training language into your MSA.
EU residency in Frankfurt is available today on the multi-tenant Enterprise tier. Dedicated VPC supports any AWS / Azure / GCP region. Country-specific residency commitments are documented in the DPA.
Full export of every blueprint, generated codebase, audit log, and ARB decision in a portable format (ZIP + JSON + Markdown). 30-day retention after termination, then cryptographic erasure with attestation.
Yes. Annual prepay saves ~17% versus monthly billing. Multi-year contracts (2 / 3 year) are available with additional locked-rate guarantees.
AES-256 at rest. TLS 1.3 in transit. BYOK LLM keys. No training on your data. RLS-enforced multi-tenancy. Audit logging on every API call.