01Deployment
Runs inside your AWS account
GCP, Azure, and on-prem on the roadmap, delivered when a design partner requires them. Enclave is deployed into infrastructure you control, not routed through infrastructure you have to trust.
Manifesto · v1.0
The Company Brain
for sovereign deployment.
Built for organizations that need AI across internal knowledge but cannot send their data to SaaS AI vendors.
Deploys inside your AWS accountgetenclave.ai
§ IThe problem buyers already have
Your security team killed Copilot.
Your people still use shadow AI.
The need is obvious: people want one place to ask what the company knows. The blocker isn’t demand. It’s trust, control, and deployment.
Enclave exists for the organizations that want enterprise AI but cannot approve a product that asks them to send regulated, proprietary, or customer-sensitive data into someone else’s cloud.
§ IIThe category
The Company Brain
for organizations that can’t SaaS-out.
Enclave connects what your company already knows across Slack, Drive, GitHub, Confluence, Jira, and the rest and lets employees ask natural-language questions that come back with sourced answers.
The buyer outcome is simple: approved AI for internal knowledge, without forcing legal, security, or compliance to accept a deployment model they already rejected.
§ IIIThe architectural claim
Privacy isn’t a promise.
It’s the deployment boundary.
Your AWS accountus-east-1
Inside your VPC
Enclave
S3·KMS·Postgres·CloudTrail
Outside
Vendor (us)
No standing access
Enclave deploys inside your AWS account. Your S3, your KMS keys, your Postgres, your audit logs. GCP and Azure support on the public roadmap talk to the founder about your environment.
Our principals are excluded from your key policies. We do not operate a service inside your perimeter. Your private knowledge stays under your infrastructure, your governance, and your audit surface.
Every AI company says it values privacy. Enclave is built so privacy isn’t a promise in a sales deck it’s the deployment boundary itself.
§ IVThe evidence
Six doctrines.
All architectural, none rhetorical.
The lower layers matter because this claim cannot be added later. A sovereign Company Brain needs storage, retrieval, ranking, and observability designed around customer-owned infrastructure from the first commit.
02Exclusion
Vendor access is designed out
Our principals are excluded from your key policies. We do not operate a service inside your perimeter. Sovereignty is not a promise; it is an architectural property.
03Approval
A sanctioned alternative to shadow AI
Employees are already using AI. Regulated teams need an approved Company Brain that gives them useful answers without forcing security to accept SaaS data exposure.
04Traceability
Every answer points back to evidence
Answers must be sourced, consistent, and auditable. When the evidence is thin, Enclave refuses to guess. Honest uncertainty is a feature, not a failure mode.
05Retrieval
The moat is below the UI
Rust shard workers, byte-level vector formats, deterministic ranking, and source authority scoring exist for one reason: to make the sovereignty claim real at production scale.
06Outcome
Useful AI your buyer can approve
The goal is not another search box. The goal is an internal AI system legal, security, and business teams can all say yes to.
§ VWho Enclave is for
For regulated teams
where SaaS AI is the reason it can’t ship.
Enclave is for regulated, security-conscious, and infrastructure-serious companies that need the productivity of AI without the control loss of SaaS AI.
It’s for the security leader who needs an approved alternative to shadow AI. The legal team that needs answers with sources. The engineering team that can’t afford to lose decisions across Slack, docs, tickets, and email.
If your company can use a standard SaaS Company Brain, you probably should. Enclave is for the moment when that deployment model is the reason the project cannot ship.
§ VIWhat Enclave is not
Not a chat product.
A substrate for AI you already trust.
Enclave is not a chat product. It’s not a SaaS. It’s not a model. It’s the retrieval and knowledge infrastructure that sits underneath whatever LLM your organization already trusts Bedrock, Azure OpenAI, your own Vertex, or a local Mistral. We are the substrate, not the answer engine. We do not train on your data, because we never see it.
§ VIIThe founder note
Tired of every AI company
asking enterprises to trust their cloud.
Enclave is being built by a solo engineer who got tired of every AI company asking enterprises to trust their cloud.
The first version is for design partners with real constraints: private data, serious compliance pressure, and employees who still need AI to do their best work.