Security & Compliance

Your data never leaves your infrastructure.

Ryedore is deployed exclusively on-premises. Complete data sovereignty, defense-grade encryption, and compliance-ready architecture for the most regulated industries.

On-Premises Only

Every byte of your operational data stays within your physical infrastructure. No cloud. No exceptions.

Zero Cloud Dependency

The platform runs entirely on your hardware with no external calls. Supports fully air-gapped environments.

Complete Data Sovereignty

You own and control all data, model weights, predictions, and outputs. Ryedore never accesses your operational data.

Defense-Grade Encryption

AES-256 encryption at rest, TLS 1.3 in transit. All inter-service communication encrypted by default.

Security Architecture

Built from the ground up for regulated, mission-critical environments where data security is non-negotiable.

Role-Based Access Control

  • Granular permission system with principle of least privilege
  • Multi-factor authentication (MFA) support
  • Active Directory and LDAP integration
  • Session management with configurable timeout policies
  • Complete audit trail for all user actions

Network Security

  • Air-gapped deployment support for classified environments
  • No inbound or outbound internet connections required
  • Containerized microservices with network isolation
  • API authentication via signed tokens with automatic rotation
  • Rate limiting and DDoS protection on management interfaces

Data Protection

  • AES-256 encryption for all data at rest
  • TLS 1.3 for all data in transit
  • Encrypted database backups with configurable retention
  • Secure key management with HSM support
  • Automated data sanitization on decommission

Operational Security

  • Containerized delivery with cryptographic image signing
  • Secure update channels with customer-controlled rollback
  • No remote access or telemetry without explicit opt-in
  • Immutable audit logs for regulatory compliance
  • Automated vulnerability scanning in CI/CD pipeline

Compliance

Compliance & Certifications

We are actively pursuing formal certifications while maintaining architecture alignment with industry standards today.

NIST Cybersecurity Framework

Aligned

Platform architecture follows NIST CSF core functions: Identify, Protect, Detect, Respond, Recover.

Relevant to: All industries

ISO 27001

In Progress

Information security management system certification. Formal audit planned.

Relevant to: All industries

SOC 2 Type II

Planned

Service organization controls for security, availability, and confidentiality. Audit engagement scheduled.

Relevant to: Enterprise, Financial Services

HIPAA

Architecture Ready

On-premises deployment with full data sovereignty satisfies HIPAA data residency and access control requirements. BAA available.

Relevant to: Healthcare

IEC 62443

Aligned

Industrial automation and control system security. Platform follows defense-in-depth and zone/conduit model.

Relevant to: Manufacturing, Energy, Oil & Gas

GDPR / CCPA

Compliant

On-premises deployment means operational data never leaves your jurisdiction. Personal data handling follows privacy-by-design principles.

Relevant to: All industries (EU/California operations)

Industry-Specific Security

Different industries have different regulatory requirements. Our architecture is designed to meet the most demanding standards.

Healthcare

  • HIPAA-ready architecture with on-premises data residency
  • Role-based access for clinical vs. administrative users
  • Immutable audit logs for regulatory inspection
  • Business Associate Agreement (BAA) available

Energy & Utilities

  • NERC CIP alignment for bulk electric system operations
  • Air-gapped deployment for SCADA/ICS environments
  • No external network dependencies
  • Encrypted communication between all system components

Defense & Aerospace

  • Fully air-gapped operation with zero internet dependency
  • Containerized deployment for secure enclaves
  • Cryptographic image signing for software integrity
  • Complete data sovereignty with no vendor access

Financial Services

  • SOC 2 readiness for third-party risk management
  • Complete audit trail for all model predictions
  • Data retention policies aligned with regulatory requirements
  • MFA and Active Directory integration

AI-Powered Security

Security That Gets Stronger Every Day

Beyond traditional cybersecurity — our AI actively defends itself through continuous self-testing and autonomous hardening.

Auto-Hardening

Continuous Self-Testing

The AI continuously probes itself with adversarial scenarios — testing for weaknesses around the clock. When vulnerabilities are found, the system patches them automatically before any real threat arrives. Your AI gets stronger every day.

Auto-Corrects

Bias Detection & Fairness

Every prediction is cryptographically signed, creating an immutable, tamper-proof record. Multiple independent validation layers verify each prediction — from error detection to regulatory compliance. Full transparency for audit and inspection.

Immutable

Cryptographic Audit Trail

Every prediction is cryptographically signed, creating an immutable, tamper-proof record. Multiple independent validation layers verify each prediction — from error detection to regulatory compliance.

Responsible AI

Our Commitment to Responsible AI

Security and trust go beyond cybersecurity — they extend to how our AI makes decisions and who controls them.

Human-in-the-Loop

All AI predictions are decision-support tools designed to augment professional judgment. No autonomous safety-critical actions without human oversight.

Explainable Outputs

Every prediction includes confidence scores and contributing factors. Operators always know why the AI flagged something and how certain it is.

No Hidden Data Collection

Zero telemetry without explicit opt-in. No usage data, no model outputs, no sensor data ever leaves your infrastructure. Your data is yours.

Ready to Deploy Securely?

Ready to Discuss Security Requirements?

Our team can walk through security architecture, compliance documentation, and deployment options tailored to your regulatory environment.