Run everything in your own closed contour — including the AI
For regulated enterprises, d8n.ai deploys entirely inside your perimeter. The platform and the large language models run in the same private, isolated environment — your documents, prompts and decisions never leave your infrastructure.
Certifications & compliance
d8n.ai is built on the Documentolog platform — certified and audited for use in government, banking and critical-infrastructure environments in Kazakhstan.
EAL 4 · ISO/IEC 15408
State security certification ST RK ISO/IEC 15408-3-2017 at Evaluation Assurance Level 4, registered in the national registry and valid to 26.05.2029.
Tier III data centres
Hosting in Tier III data centres with encryption, mandatory two-factor authentication and access control.
Independent security audits
Regular external audits and penetration tests (grey-box and black-box); identified findings are remediated.
Your data, your contour
Everything that matters runs inside your security perimeter — not on a shared, multi-tenant service.
Private deployment
On-premise or private cloud. The full workspace, processes and Knowledge Hub run inside your security perimeter.
Sovereign, on-premise LLM
The language models run inside the closed contour. Prompts and documents are not sent to external AI providers, and your data is never used to train someone else’s model.
Data residency
Data and models stay in your jurisdiction, supporting local regulatory, sovereignty and sectoral compliance requirements.
Encrypted & isolated
Data is encrypted and tenant-isolated, so your information is never mixed with anyone else’s.
Governance for AI agents
Agents operate under the same controls as your people — nothing happens off the record.
Access by ACL and groups
Security is built in by default: an agent runs under the permissions of the user it acts for. It reads documents and takes actions only within what that user is allowed — per your ACLs and access groups. Nothing beyond the user permissions is ever visible to the agent.
Every action is explainable
Who requested it, which source was used, what changed and who approved it — all traceable.
Humans stay in control
Critical actions use a plan-then-confirm step, so a person approves before anything irreversible happens.
What an enterprise security review covers
We help your security, legal and compliance teams evaluate d8n against the topics that matter.
Identity & roles
Authentication, the role model and access boundaries.
Audit & retention
Logging, traceability and data-retention policy.
Document access
Who can see and act on which documents.
Integration boundaries
How connected systems exchange data, and under what controls.
AI model usage
Where models run and how prompts and data are handled.
Approvals & incident response
Human approval points and how incidents are handled.
FAQ
Do you train AI models on our data?
No. With private deployment the models run inside your contour, and your prompts and documents are never sent to external providers or used to train anyone else’s model.
Where is our data stored?
Inside your perimeter — on-premise or private cloud — in your jurisdiction, with tenant isolation, encryption and full audit.
Can d8n run fully on-premise?
Yes. Both the platform and the language models can run entirely inside your infrastructure for the highest data-residency and sovereignty requirements.
How do you keep AI actions accountable?
Every agent action is permission-bound, logged and auditable, and critical actions require explicit human approval through a plan-then-confirm step.
Bring security into the pilot from day one
We define a pilot scope that’s useful for business teams and acceptable for security, legal and compliance.