Security
Built for professionals who cannot afford to leak.
Tekton's security model is simple to state: your data stays on your network, every action is logged, and the architecture has been reviewed and signed by a CISSP. The details below are written for the person who has to approve it.
Architecture
One appliance, inside your perimeter.
Tekton runs as a single appliance on your local network. Documents are ingested and indexed on the device, model inference runs on the device, and answers are served to your team over your LAN. There is no cloud component in the data path and no outbound dependency required to operate.
Data flow
Nothing leaves the LAN.
Your documents enter the appliance from internal sources, are indexed locally, and are queried locally. The boundary is your network edge: no document, prompt, embedding, or answer crosses it.
Controls
What's in place.
Encryption at rest and in transit
The document index and stored data are encrypted on the appliance. Traffic between your clients and the appliance is encrypted over your network.
Directory-based authentication
Users sign in through Active Directory or Microsoft Entra ID. Access follows your existing identity and group structure.
Role-based access control
Permissions are scoped by role and respect the access boundaries of the source documents. People see only what they're entitled to.
Complete audit logging
Every query, document access, and administrative action is recorded in tamper-evident logs you can export and review.
Incident response posture
Because the system is self-contained and on your network, the blast radius of any incident is bounded by your own perimeter. Logs support after-the-fact review and containment.
No outbound data path
The appliance operates without an internet connection. There is no telemetry, no model-training feedback loop, and no remote access required to run it.
Compliance
SOC 2 in progress.
Tekton is actively pursuing SOC 2. The control framework above maps to the relevant Trust Services Criteria, and the program is underway. We'll share current status and scope with prospective customers under NDA.
Accountability
A named, credentialed owner of the architecture.
Tekton's architecture was designed and is signed by its founder, a CISSP-credentialed security and DevOps engineer. The architecture review is available to evaluate under NDA — a real document with a name on it, not a badge on a page.