Sovereign · Secure · Auditable

Deploy AI in your company without exposing your data.

The open‑source platform to automate your operations with isolated, audit-ready AI agents hosted wherever you want. Sovereign by construction.

Licensed · Standards-based · Auditable

Your company already uses AI. In chaos.

While you plan your next AI budget, these three problems are already running through your teams.

68 %

of your team already uses ChatGPT or Claude. From a personal account, with code or customer data pasted into the prompt.

Salesforce, 2025

8 / 10

agent POCs never reach production. Nobody knows who has access to what, credentials live in scattered .env files.

Gartner, 2026

× 3

your LLM bill every quarter. Zero attribution by team, by project, by tenant. Just a line item that keeps growing.

Field observation, 2026

Shadow IT, stalled POCs, opaque bills. Three symptoms, one cause: no infrastructure.

Before / after Appstrate.

Four concrete shifts, on the CIO and CFO side.

Without infrastructure
6 months to wire a new agent into your systems.
With Appstrate
AFPS manifest, deploys in minutes, portable across instances.
Without infrastructure
Prompts leaking to third-party clouds, often outside the EU.
With Appstrate
Runtime hosted wherever you decide. Data stays in your perimeter.
Without infrastructure
No trace of who called which tool, with which permissions.
With Appstrate
Audit trail per tenant, per scope, per run. OpenTelemetry streaming.
Without infrastructure
Opaque LLM bill, impossible to attribute.
With Appstrate
Attribution per application, per end-user. Quotas per tenant.

Production AI. No compromises.

Sovereignty

Your data never leaves your perimeter. Self-host, dedicated EU cloud, or air-gapped. Your LLM keys stay yours (BYOK).

Governance

Every action traced. Every API key isolated. Every employee scoped. RBAC, audit trail, kill-switch in one click.

Measurable ROI

One agent covers around 20 % of a full-time role. Cost tracked per process, per team, per run.

Developer-first

Your internal devs own the workflows. AFPS manifests, CLI, git-reviewable. The webapp handles launch, scheduling and audit for everyone else. No low-code builder to outgrow.

The architecture that reassures your CISO.

Each run spins up a fresh container, destroyed after use. The agent reasons. The sidecar acts. Your API keys never see the LLM.

Audit trail · 1 run
// run_id=r_7a3f… tenant=acme-corp
[12:04:01] agent.call model=claude-4.6 keys=<none>
[12:04:02] sidecar.auth provider=gmail tenant=acme-corp
[12:04:02] sidecar.exchange token=ya29.*** ttl=55m
[12:04:03] tool.invoke name=stripe.refund scope=refunds:write
[12:04:04] sidecar.redact fields=[email, pan]
[12:04:05] run.complete duration=4.2s events=14
Runtime topology
Employee
Isolated container (ephemeral)
AI agent
never sees your API keys
Sidecar proxy
holds your credentials
Your systems
Ephemeral container
BYOK, keys in sidecar
LLM never sees secrets
Per-tenant isolation
Full audit trail
Air-gap capable
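
A reviewer can turn the isolation claims above into checks over a run's audit lines. The sketch below is an added example, not Appstrate code: the sample lines are constructed in the shape of the audit trail shown above, and the line format (timestamp, event name, key=value fields) plus the names parseLine and auditFindings are assumptions.

```javascript
// Constructed sample in the shape of the page's audit trail. The line format
// (timestamp, event name, then key=value fields) is an assumption.
const SAMPLE_RUN = [
  "[12:04:01] agent.call model=claude-4.6 keys=<none>",
  "[12:04:02] sidecar.auth provider=gmail tenant=acme-corp",
  "[12:04:02] sidecar.exchange token=ya29.*** ttl=55m",
  "[12:04:03] tool.invoke name=stripe.refund scope=refunds:write",
  "[12:04:04] sidecar.redact fields=[email, pan]",
  "[12:04:05] run.complete duration=4.2s events=14",
];

// Parse one line into { time, event, fields }, or null if it is malformed.
function parseLine(line) {
  const m = /^\[(\d{2}:\d{2}:\d{2})\]\s*([a-z_]+\.[a-z_]+)\s+(.*)$/.exec(line);
  if (!m) return null;
  const fields = {};
  // A value is either a bracketed list or a run of non-space characters.
  for (const [, key, value] of m[3].matchAll(/(\w+)=(\[[^\]]*\]|\S+)/g)) {
    fields[key] = value;
  }
  return { time: m[1], event: m[2], fields };
}

// Return a list of violations of the isolation claims for one run's lines.
function auditFindings(lines) {
  const findings = [];
  let sidecarAuthenticated = false;
  lines.forEach((line, index) => {
    const where = `line ${index + 1}`;
    const rec = parseLine(line);
    if (!rec) { findings.push(`${where}: unparseable`); return; }
    const { event, fields } = rec;
    if (event === "agent.call" && fields.keys !== "<none>") {
      findings.push(`${where}: agent.call carries key material`);
    }
    if (event === "sidecar.auth") sidecarAuthenticated = true;
    if (event === "sidecar.exchange" && !/\*{3}$/.test(fields.token || "")) {
      findings.push(`${where}: token logged unmasked`);
    }
    if (event === "tool.invoke") {
      if (!fields.scope) findings.push(`${where}: tool.invoke without scope`);
      if (!sidecarAuthenticated) findings.push(`${where}: tool.invoke before sidecar.auth`);
    }
  });
  return findings;
}

console.log(auditFindings(SAMPLE_RUN));
```

An empty result means the run's log is consistent with the claims; it does not prove the runtime enforces them, which still needs source review and testing.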

Zero vendor. Your infra. Provable.

Same install as the docs. Same tiers. Same CLI.

~ appstrate install
$ curl -fsSL https://get.appstrate.dev | bash # or: bunx appstrate install
Pick a tier
Tier 0: Bun · PGlite in-process · filesystem (zero Docker)
Tier 1: Docker · PostgreSQL · filesystem
Tier 2: Docker · PostgreSQL + Redis · filesystem
Tier 3: Docker · PostgreSQL + Redis + MinIO · S3 (enterprise default)
$ appstrate login # device-code flow, OS keyring, 15-min access token
Sidecar proxy · 78 typed RBAC scopes · structured audit trail
Ephemeral container per run · credentials never reach the agent process
Zero telemetry by default. No phone-home. No license server.
Runs on: Raspberry Pi 4+ · laptop · VPS · bare metal · K8s · air-gap
  • Pi 4 (4 GB): Tier 0-1, 2-3 concurrent runs
  • Pi 5 (8 GB): Tier 2 comfortably, ~400 MB RAM at rest
  • Source: appstrate-oss/README.md, Bun ARM64 native
Source code: github.com/appstrate, Apache 2.0, auditable line by line.
Same binary, same CLI, from Tier 0 (dev) to Tier 3 (prod). No fork. No rewrite.

Compliance is a posture, not a checklist.

Architecture ready

Shipped, verifiable in code.

Compliance mapping

How our architecture serves common frameworks.

  • GDPR
    Self-host in EU, audit trail, data you control.
  • EU AI Act
    Audit trail satisfies logging obligations (Art. 12).
  • HIPAA
    Sidecar isolation and the audit trail give you a baseline of technical safeguards. The covered entity remains liable.
  • NIS 2 / DORA
    Incident timeline reproducible from the audit trail.

We ship the architecture. You or your partner agency map it to your specific compliance obligations.

What we haven't done yet

Explicit roadmap, no made-up dates.

  • SOC 2 Type II · Not started. We will announce when engaged with an auditor.
  • ISO 27001 · Not started.
  • HIPAA BAA · Not offered. Self-host gives you the architecture; your DPA with your hosting provider covers the rest.
  • Standard DPA · Draft available on request, not yet templated.

Roadmap moves when customers with real compliance needs engage. Talk to us if SOC 2 or ISO 27001 blocks your procurement.

Honest comparison.

We lose on some cells on purpose. We win on what matters for sovereignty.

Criterion | Appstrate | Bedrock AgentCore | Claude Managed | Copilot Enterprise
Self-host, on-prem
Air-gap capable
Source code auditable
Apache 2.0
Multi-LLM (18+ providers) · Claude only · OpenAI only
BYOK (your keys) · AWS-bound
Multi-tenant | end-user | org-level | org-level | org-level
EU data residency
Predictable pricing | Free + BYOK | per-hour + granular | per-hour + tokens | per-user per-month
Time to first run | 5 min self-host | Immediate managed | Immediate managed | Immediate managed
Vendor lock-in | None (Apache) | AWS | Anthropic | Microsoft

Pratfall on purpose: we lose on "time to first run" (managed services are immediate, we take 5 min to deploy). We win on everything else that matters once you're in production.


From decision to production. 6 to 8 weeks.

A methodology, not a client story. Same steps for every deployment.

1. Audit · Week 1-2 → Sovereignty map
  • Process map of your current AI usage
  • Security audit with CISO and DPO
  • ROI baseline measurement
2. Pilot · Week 3-5 → First agent in production
  • One process piloted end-to-end
  • Self-host or EU cloud deployment
  • Real ROI measurement on that process
3. Prod · Week 6-8 → Tenant-ready runtime
  • Full rollout with audit trail enabled
  • Business team training (one morning)
  • Operational handover to your teams
4. Extend · Month 3+ → Internal agent catalog
  • New agents from your internal library
  • ROI measured continuously
  • Cross-department extension
Delivered by your team, or by one of our certified partner agencies.

Questions your committee will ask.

Legal / DPO
Where is our data hosted, and who has access?
You choose. Self-host (your servers, zero Appstrate access), dedicated EU cloud, or fully offline air-gap. In all three cases, data is never shared with OpenAI, Anthropic or Appstrate. Your LLM keys are yours (BYOK).
CISO / IT
What will our pentests and SOC actually validate?
Open‑source code under Apache 2.0, auditable line by line. Sidecar proxy architecture (the agent runs sandboxed without credentials). Ephemeral containers, zero cross-run persistence. RBAC with 78 permissions. Structured audit trail. Security docs and architecture diagrams delivered pre-sales.
CFO
How do we keep the AI bill under control?
Appstrate itself is free and open‑source. Your only direct costs are your infrastructure (VPS, servers) and your LLM tokens (BYOK, paid directly to the provider). Certified partner agencies handle installation and support, with pricing agreed directly with them.
HR / Business
Will our teams actually know how to use it?
Yes, in one morning. Business teams get a plain webapp: one-click launch, scheduling, run history, audit trail. Complex workflows are built once by your internal devs or a partner agency, then consumed self-service.
CEO / COO
How do I know this is not another POC that goes nowhere?
Pilot on one process in 5 weeks with a concrete ROI report. If the numbers do not hold, you walk away. Apache 2.0, no lock-in, no penalty. Our first three production clients all went from pilot to production in under 8 weeks.

Is Appstrate right for you?

We'd rather tell you now than three months after the contract.

Yes, if...
  • You have a real sovereignty constraint (healthcare, defense, finance, public sector, EU data residency).
  • You have a platform team that can operate a runtime, or a trusted integrator.
  • You want multi-tenant infra, with per-end-user scoping and per-run audit trail.
  • You're ready to host (VPS, on-prem, EU cloud, air-gap).
  • You refuse single-US-cloud lock-in.
No, if...
  • You want a turnkey SaaS UI with zero infra work (Claude for Work or ChatGPT Enterprise will be faster).
  • No sovereignty or multi-tenant need (Bedrock AgentCore or Vertex will do).
  • You want a personal assistant (that's Claude.ai, not Appstrate).
  • You refuse any DevOps work at all (ask a partner agency).

Still unsure? The 30-min call settles it in 10.

Appstrate is free. Forever.

Three distinct buckets. Nothing hidden.

Appstrate
  • Apache 2.0
  • Self-host: $0
  • No tier. No limits.
  • $0 forever.
Infrastructure
  • Your VPS, servers or cloud.
  • Your LLM tokens (BYOK).
  • Predictable. Your bill.
Partner agencies
  • Installation, configuration, training, support.
  • Pricing agreed directly with them.

Ready to deploy AI without losing control?

Pick your next step. None of them commits you.

For CEO, COO, CIO

Talk to an expert

30 min with an architect to scope your use case and your ROI.

For CISO, CIO, platform engineers

Read the docs

Architecture, self-hosting, API reference, security model. Everything public and versioned.

For open-source reviewers and architects

Audit the source

Apache 2.0. Read the runtime, sandbox, sidecar proxy and RBAC model line by line. Fork if you want.

Not ready for a demo? Follow us.

Built and maintained by the Appstrate team. github.com/appstrate

Book a 30-min call

Pick a time that works for you. No pre-call questionnaire, we come prepared.
