Confidential by construction.
Finance teams handle the data that would be most costly to leak. Astry rejects cards, IBANs and secrets at ingest, encrypts with AES-256-GCM at rest, and can pin every inference to EU-only providers.
Astry answers only from what you are cleared to see.
A cited answer, walled to your clearance
The data a leak costs most.
Card numbers, account details, board figures, deal terms. Astry treats each as something to keep out of the model and off the wire, not something to filter after the fact.
PII rejected at ingest
Encryption at rest
EU-only sovereign egress
Cited, auditable answers
Access walled by team
Runs in your cloud
Controls that matter to finance.
Five controls, each enforced before an answer is built. Nothing here depends on the model behaving.
- 01 DLP at the door
  Cards, IBANs, account numbers, API keys and private keys are detected by deterministic rules at ingest and rewritten to placeholders before indexing. What never enters cannot leak.
- 02 Encryption everywhere
  AES-256-GCM at rest in a versioned envelope with a key id, rotated through a keyring without re-encrypting your data. TLS in transit. Keys from your KMS, or held only by you.
- 03 EU residency
  Pin all inference to EU-only hosts, or run fully local and air-gapped with Ollama. The egress guard fails hard on any host you have not allowlisted.
- 04 Per-request projection
  Before inference, Astry copies only the files the asker is cleared for into a throwaway sandbox, lists them in a manifest, runs the model there, then destroys it. The model cannot read a number that is not in front of it.
- 05 Append-only audit
  Every query, file and response is written to an append-only log. The app database role can only insert and read; update and delete are revoked at the database, so history cannot be rewritten.
The controls, on the record.
The specs your security team will ask for, on one page.
- Redaction: Deterministic regex detection across roughly eleven categories (cards, IBANs, SSNs, API keys, private keys and more), rewritten to placeholders at ingest, before anything is indexed.
- Encryption: AES-256-GCM at rest with an authenticated tag, in a versioned envelope with a key id. TLS in transit. Keys from your KMS, or held only by you under BYOC.
- Data residency: Pin all inference to EU-only hosts, or run fully local and air-gapped with Ollama. An egress guard fails hard on any non-allowlisted host.
- Identity: OIDC SSO with Okta, Microsoft Entra ID and Google Workspace, with directory provisioning. Four workspace roles, enforced before the model exists.
- Audit: Append-only WORM log of every query, file and response. The database role has insert and select only; update and delete are revoked. Anomaly detection on access patterns.
- Hosting: BYOC in your own Azure, GCP or AWS, installed from one image. Astry holds no credentials to your environment; the control plane sees only operational metadata, never your content.
Good to know.
It is detected and redacted at ingest, before indexing. Sensitive content never reaches the model or the knowledge base, so there is nothing to leak later.
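The ingest-time redaction described above, sketched as an added example (not Astry's code): regex candidates are confirmed with the Luhn and IBAN mod-97 checks before being rewritten, so ordinary digit runs are left alone. The `[REDACTED:KIND]` placeholder format, the three patterns and the sample text are assumptions.

```python
import re

# Candidate patterns (assumed for this sketch); validators below cut false positives.
PEM_RE = re.compile(r"-----BEGIN [A-Z ]*PRIVATE KEY-----.*?-----END [A-Z ]*PRIVATE KEY-----", re.S)
IBAN_RE = re.compile(r"\b[A-Z]{2}\d{2}(?: ?[A-Z0-9]{4}){2,7}(?: ?[A-Z0-9]{1,3})?\b")
CARD_RE = re.compile(r"\b(?:\d[ -]?){12,18}\d\b")  # 13-19 digits, optional separators

def luhn_ok(candidate: str) -> bool:
    """Luhn checksum over the digits of a card-number candidate."""
    total = 0
    for i, ch in enumerate(reversed(re.sub(r"\D", "", candidate))):
        d = int(ch)
        if i % 2 == 1:                      # double every second digit from the right
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0

def iban_ok(candidate: str) -> bool:
    """ISO 13616 check: move the first four characters to the end, map A-Z to 10-35, mod 97 == 1."""
    s = candidate.replace(" ", "")
    if not 15 <= len(s) <= 34:
        return False
    rearranged = s[4:] + s[:4]
    return int("".join(str(int(c, 36)) for c in rearranged)) % 97 == 1

def redact(text: str):
    """Return (redacted_text, counts per category). Runs before anything is indexed."""
    counts = {}
    def rewrite(kind, valid):
        def repl(match):
            if not valid(match.group(0)):
                return match.group(0)       # failed validation: leave the text as-is
            counts[kind] = counts.get(kind, 0) + 1
            return f"[REDACTED:{kind}]"
        return repl
    # Order matters: keys and IBANs first so their digits are not re-scanned as cards.
    text = PEM_RE.sub(rewrite("PRIVATE_KEY", lambda s: True), text)
    text = IBAN_RE.sub(rewrite("IBAN", iban_ok), text)
    text = CARD_RE.sub(rewrite("CARD", luhn_ok), text)
    return text, counts

# Constructed sample input: a public test IBAN, a public test card number,
# and a reference number that fails the Luhn check.
SAMPLE = "Pay DE89 3704 0044 0532 0130 00 with card 4111 1111 1111 1111; ref 4111 1111 1111 1112."

if __name__ == "__main__":
    print(redact(SAMPLE))
```

Because each match is validated before it is rewritten, the reference number that fails the Luhn check passes through unchanged while the valid card and IBAN are replaced.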
Built for teams that cannot afford a leak.
See how Astry rejects PII at ingest, encrypts at rest, and keeps every inference inside the region you choose.