Security model built for regulated environments
Grafty is single-tenant and customer-operated. Arcstack does not host your apps, your source, or your data.
Single-tenant, customer-operated
Each customer runs their own Grafty instance on their Linux infrastructure. There is no shared SaaS plane. Arcstack delivers software and licenses — your team operates the platform inside your network boundary.
Where data lives
Inside your network
Builder UI, source code, Git history, previews, app data, audit logs, integration credentials.
Configurable egress
LLM provider calls (OpenAI, Anthropic, Google) or local LLM endpoints. You choose per project.
Never on Arcstack SaaS
Arcstack does not receive, store, or process your prompts, code, or runtime data.
Kubernetes namespace per app
Every generated app runs in its own Kubernetes namespace with resource quotas. Size tiers XS through L determine the CPU/RAM allocated to each app. Deleting an app cleans up every resource, leaving no orphans.
RBAC and audit
Roles
instance_admin, developer, viewer. Membership and limits scoped by team.
Audit
Immutable audit events for privileged actions. Exportable for SIEM ingestion.
LLM spend controls
Token usage dashboards by user, project, and team. Per-user, per-project, and per-team budgets. Hard stops block generation before another LLM API call is made — preventing runaway provider invoices.
Data in transit and at rest
TLS
All inter-service and ingress traffic over TLS.
Secrets at rest
Provider keys and integration tokens are stored encrypted on the instance's disk.
Sessions
Short-lived signed session tokens with rotation.
Customer-controlled, not Arcstack
| Service | Purpose | Controlled by |
|---|---|---|
| OpenAI / Anthropic / Google | Optional cloud LLM inference | Customer (your keys) |
| Local / on-prem LLM | Optional inference inside your network | Customer |
| Integrations (Jira, Slack, GitHub, GitLab, Notion) | Optional connectors | Customer (your tokens) |
Security review packages
Available on request
Architecture overview, threat model summary, sample questionnaire responses, SBOM, and reference DPA. Contact us to receive the latest package.
Vulnerability reporting
Email info@grafty.ai with subject "[Security]". We respond within one business day.