Private deployment

Sensitive data never leaves.

Proxara installs inside an AWS account the firm controls, or a private region built for it. The proxy, the classifier, and the signed record all run where the data already lives.

Request a trialSee where it runs

In your infrastructure, set up by us.

Either shape is single tenant: one AWS account, isolated by the organization boundary, with nothing pooled across firms.

An account the firm owns

The same composition applies into the firm’s existing AWS organization. Its guardrails, its region, its keys, with Proxara running inside.

A private region, provisioned

Proxara vends a dedicated account through Account Factory, stands the whole stack up inside it, and runs it. No Terraform to learn, no infrastructure for the firm to operate.

Proxara does the provisioning and the running. The firm holds the keys and a read-only view, with no infrastructure work on its side.

The interceptor

The model that reads each prompt runs in the same account.

Classification happens inside the account. Sensitive values are swapped for tokens before they reach the tool an employee is using.

The default. Through Bedrock the request stays in the firm’s own region, over IAM, and AWS does not retain it or train on it.

See how redaction works
THE FIRM’S AWS ACCOUNTsingle tenant · one region · private subnetsEmployee+ AI toolProxyinterceptionClassifierin-region modelRecordwrite-onceKMSthe firm’s keysuptime + healthno customer dataProxaracontrol plane

Isolation you can prove.

Not a policy page. Three things an auditor can check without taking anyone’s word for them.

A dedicated account

One AWS account per firm. The organization boundary is the isolation, and an auditor reads it straight from AWS.

Keys the firm holds

Encryption keys live in the firm’s own KMS. Proxara gets use, never administration, and the firm can pull that access in a single change.

A record that checks itself

Every entry is signed and chained. The trail verifies offline, without trusting Proxara to be honest about it.

Built to clear the security review.

The questionnaire is where deals stall. The answers are already in the architecture.

No inbound path. The classifier and database sit in private subnets. Nothing reaches them from the open internet.

Write-once records. The audit archive lands in the firm’s own S3 under Object Lock, held for the seven years that 17a-4 expects.

Certificates that renew themselves. TLS is issued and rotated through ACM with DNS validation. No private key ever sits on a laptop.

A chain that re-checks itself. A scheduled job re-derives every signature each night and raises an alarm the moment one record will not verify.

Every account gets the same stack.

Network, keys, database, cache, compute, archive, and the alarms that watch them, stood up the same in every account.

1

AWS account per firm

0

shared data plane

4

keys the firm holds

7 yr

write-once retention

Everything Proxara does, in that one region.

The private deployment carries every surface. Same account, same keys, same record.

The device proxy

Every AI conversation on the device, through one inspection point.

Learn more

The MCP gateway

Every tool call an agent makes, checked before it runs.

Learn more

Compliance-grade audit

Every decision signed and filed to the rule it meets.

Learn more

The confidence you need to put AI to work without risk.

Tell us where the firm's data has to stay, and our team will reply in a few hours.

Book a call