Six commitments we make, in writing.
Posture isn’t a banner — it’s a row in a ledger your auditor can read. Here’s where we are, and where we’re headed.
- 01
SOC 2 Type II
In progressIndependent audit underway; Type I controls operational, Type II window opened 2026.
- 02
ISO 27001
AlignmentControls mapped to Annex A; certification path scheduled after SOC 2 Type II close.
- 03
GDPR · PIPEDA
CompliantData Processing Addenda available; lawful-basis logging and subject-rights tooling built in.
- 04
FedRAMP
Path scopedReference architecture aligned to Moderate baseline; sponsor engagement in flight for public-sector tenants.
- 05
Per-tenant residency
AvailableCanada, US, EU, and customer-cloud regions — data and ledger never cross the boundary you pin.
- 06
Cryptographic action ledger
Always-onEvery drafted action is signed, sealed, and replayable. Forensics is a primitive, not a feature flag.
The data plane, made boring.
Encryption, tenancy, and retention done the standard way — so the interesting work happens above it, not inside it.
Deploy where the data lives.
Some operators need MAIA in production tomorrow. Some can’t let a packet leave the building. The substrate is the same; the boundary is yours.
- 01
Managed
MAIA cloudHosted by MAIA in your chosen region. SOC 2 controls, hardened defaults, fastest time to production.
- 02
Customer cloud
Bring your ownDeploys inside your AWS, Azure, or GCP account. Your VPC, your IAM, your key material. We operate the runtime.
- 03
On-prem · air-gapped
SovereignFull installation inside a sovereign or classified environment. Disconnected updates, signed image bundles, customer-controlled ledger.
Found something? Tell us.
We run coordinated disclosure. Email findings to the address below — encrypted reports welcome. We triage within one business day, acknowledge the reporter, and credit you publicly once the fix ships, unless you ask us not to. No bug-bounty theatre; real engineers respond.
Walk the architecture with us.
Send your security questionnaire. We’ll respond with diagrams, control mappings, and the ledger walkthrough.
Request a briefing