Every Northpoint feature has to pass one test: can it be described as 'private and secure' to a compliance officer at an enterprise buyer? The product is built around that line.
The product mode that hands an auditor a signed packet, not a screenshot.
Your model. Your endpoint. Your bill. We never proxy your bytes by default.
The audit chain records deterministic actions. LLM calls live alongside, as advisory traces.
Each is non-negotiable. Each shows up in the product before it shows up in marketing.
Customers route through their own Anthropic / OpenAI / Bedrock / Vertex / Azure OpenAI endpoint. Northpoint never proxies your bytes through our infrastructure unless you explicitly opt in. Per-org credentials with rotation and revocation. No global shared key.
Schemas, distributions, and redacted samples ok; raw rows require explicit per-call write-scoped consent. We index schemas — not raw cell values. The redaction step is auditable.
Prompt fingerprint (sha256), model id, token cost, response fingerprint, decision id (when the call led to a proposal). Logged via the audit pipeline alongside the deterministic actions they advise.
RAG indexes are organization-scoped. Tenant scoping is the first WHERE clause in every retrieval. When a customer brings their key, requests can be isolated in a separate Node worker so prompt-injection in one tenant can't read another's context.
High-security customers who can't send anything to a cloud model run all-MiniLM-L6-v2 in a sidecar process; the runtime calls over IPC. The semantic index stays local. Same primitives, zero outbound bytes.
Every break investigation, every recon run, every agent proposal carries the lineage hash chain at the moment it was produced. Auditors replay the packet later and verify nothing was tampered with. Production deployments sign with the customer's ED25519 key.
Agents propose, humans accept. The audit chain only records deterministic actions. LLM calls are logged separately as advisory traces. A proposal never mutates state without an explicit operator click.
Tenant data is purgable. Lineage rows, embeddings, audit traces — removable on a documented procedure. Customers retain the right to delete, and we surface the deletion record in the audit trail itself.
Every copilot follows the same arc. Whatever leaves the box is in the audit trail, with a sha256 fingerprint of the prompt and the response.
Customers pick the model that fits their compliance envelope. The product is identical across modes; only the boundaries move.
Hosted by us. Your data in your tenant; per-org keys; tenant-scoped RAG; audit log shipped to your S3 / GCS / Azure Blob on schedule.
Deployed into your VPC. Your network boundary; we manage upgrades over a control-plane that has zero data-plane access.
On-prem deployment. On-device embedding model; no outbound LLM by default; BYO LLM endpoint inside your perimeter.
Regulators (SEC, FINRA, FCA, MAS) are converging on guidance that requires demonstrable lineage of AI inputs and outputs. We are the only data-ops platform whose internal architecture already meets that standard.
We’ll respond with the answers, the artifacts, and the architecture diagrams your compliance team needs to sign off.
