Loading…
Loading…
Specaria is designed for regulated, audit-grade estates — government, banking, insurance, telco, utilities. The security model starts from one premise: your systems and your data stay inside your perimeter, and everything privileged leaves a trace.
Products run entirely in your environment. Discovery reads your services, mapping writes your contracts, observability watches your traffic — and none of it transits our infrastructure. The only thing that crosses the boundary is outbound operational metadata, and that channel is yours to throttle, audit, or switch off.
For fully disconnected estates, the same build runs air-gapped: license tokens verify offline and updates are applied from signed artifacts you stage yourself.
Every product inherits the same spine — identity, licensing, update integrity, and audit — so the security posture is consistent across the whole line-up.
To license and support your deployment, a product sends back a small, fixed set of operational signals: the product version, aggregate health, and license status. No payloads, no source records, and no personal data are ever included.
The channel is outbound-only and customer-revocable — you can inspect exactly what is sent, route it through your own egress, or disable it entirely and operate offline.
Discovery, mapping, approval, promotion, and rollback are each written to a sequenced, signed record — a named actor, a UTC timestamp, an exact diff. It is queryable in-product and exportable for your auditors, so the evidence pack writes itself.
We welcome reports from security researchers and customers. If you believe you have found a vulnerability in a Specaria product or in this site, report it privately through our contact form and mark it as a security issue — please do not open a public issue or disclose it before we have had a chance to respond.
Architecture, data-flow, and audit questions from your security team are welcome. Book a session with the founder and we’ll walk your reviewers through the model in detail.