Your clinicians want AI. Your traders want AI. Your analysts want AI. Your auditors will not let them touch a SaaS tool that ships their data to someone else's cloud.
Veklom is the AI operations platform you deploy inside your own perimeter. Multi-LLM gateway, cost controls with hard-cap kill switches, multi-tenant RBAC, audit, GDPR — built for institutions where data sovereignty is not optional. Self-hosted by design. No vendor cloud. No exfiltration paths. No surprise audit findings.
The incumbents had three years to fix this. They didn't. We did.
Source-available · self-hosted · evaluation by NDA
You have had this conversation. Probably more than once this quarter. Your engineering team wants to ship AI features. Your compliance team wants to keep their jobs. Every tool that would make your engineers fast — Portkey, LangSmith, Helicone — is a hosted SaaS that wants to log your data in someone else's region. So you say no. Or you build something internally that takes 14 months and three engineers. We built the third option.
Your clinicians type prompts that contain PHI. Every AI ops vendor on the market is a multi-tenant SaaS. Sending PHI to a third-party log aggregator is a HIPAA violation, full stop. So your IT department blocks it. Your clinicians use ChatGPT on their personal phones anyway. You have shadow AI and no oversight.
The internal-build alternative is 18 months and an FTE you can't spare.
Customer data through a third-party AI vendor triggers OCC Bulletin 2013-29 third-party-risk review. Your MRO needs lineage. Your auditor needs immutable logs. Your CFO needs hard caps before a misconfigured agent racks up six figures in OpenAI spend overnight. None of that exists in a SaaS gateway you don't control.
So your AI projects sit in the architecture review board for 11 months. Your competitors ship. You don't.
FedRAMP Moderate, CJIS, IRAP, BSI C5 — your authorization boundary is a hard line. Vendors who cannot stand up inside it don't get bought, no matter how good the product is. Every AI ops SaaS in the market right now fails this test on day one.
So your engineers fall behind their contractor counterparts. The work gets done somewhere. Just not inside your agency.
NIST 800-171, CMMC Level 2/3, ITAR, EAR — your primes enforce these on you, and you enforce them on whoever you bring in. Most AI ops SaaS vendors fail vendor onboarding before they fail technical review. Source-available software you self-host avoids that entire problem class.
That's why we sell software, not service. Your procurement office can review code in days. They can't audit someone else's cloud at all.
Veklom is delivered as deployable source code. It runs entirely inside your network boundary — VPC, on-premises, or air-gapped data center. Outbound traffic is restricted to the AI providers you authorize, and only when you make a call. Telemetry and logs never leave your infrastructure.
Multi-region active-active, hot-standby DR, and air-gapped variants are documented in the deployment guide. Customer reference architectures are available under NDA for HIPAA, PCI-DSS, FedRAMP Moderate, and CMMC Level 2 environments.
Most "AI ops" tools do one thing — observability, or a gateway, or a key vault — and force you to assemble the rest. Veklom ships the whole platform, integrated, with the security boundaries already drawn between modules.
OpenAI, Anthropic, HuggingFace, Ollama, Whisper — pluggable provider registry. Route by workspace, model class, latency budget, or cost ceiling. No customer is ever locked to a single upstream vendor.
Real-time token accounting, ML cost prediction, per-workspace daily caps, automatic AI-operations halt when budget exceeded. The day a runaway agent should have cost you $40,000 — your CFO gets an alert at $400 instead.
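Added example (my own code, not Veklom's): a per-workspace hard-cap gate of the kind this paragraph and the checklist item on soft alerts describe. The decision is taken at the gateway before the provider is called, and in-flight reservations are counted alongside settled spend so that concurrent requests cannot each see "room left" and collectively overrun the cap. `BudgetGate`, `BudgetExceeded`, the price table, the workspace id and the stand-in provider are all assumptions for illustration.

```python
"""Added example, not Veklom's code: a per-workspace hard-cap budget gate that
decides before the upstream call is made. Names (BudgetGate, BudgetExceeded,
the price table, the workspace id) are assumptions for illustration."""
import threading
from dataclasses import dataclass


class BudgetExceeded(Exception):
    """Raised at the gateway; the provider is never called."""


@dataclass
class WorkspaceBudget:
    daily_cap_usd: float
    spent_usd: float = 0.0      # settled cost of completed calls
    reserved_usd: float = 0.0   # estimated cost of calls still in flight


class BudgetGate:
    def __init__(self, price_per_1k_tokens: dict):
        self._price = price_per_1k_tokens   # constructed price table, USD per 1k tokens
        self._budgets: dict[str, WorkspaceBudget] = {}
        self._lock = threading.Lock()       # one admission decision at a time

    def set_cap(self, workspace: str, cap_usd: float) -> None:
        with self._lock:
            self._budgets[workspace] = WorkspaceBudget(cap_usd)

    def _cost(self, model: str, tokens: int) -> float:
        return tokens / 1000 * self._price[model]

    def reserve(self, workspace: str, model: str, est_tokens: int) -> float:
        """Atomically reserve the estimated cost. Counting reservations as well as
        settled spend is what stops N concurrent requests from each seeing
        'room left' and collectively blowing through the cap."""
        cost = self._cost(model, est_tokens)
        with self._lock:
            b = self._budgets[workspace]
            if b.spent_usd + b.reserved_usd + cost > b.daily_cap_usd:
                raise BudgetExceeded(
                    f"{workspace}: cap ${b.daily_cap_usd:.2f} would be exceeded "
                    f"(spent ${b.spent_usd:.2f}, in flight ${b.reserved_usd:.2f}, "
                    f"request ${cost:.2f})")
            b.reserved_usd += cost
        return cost

    def settle(self, workspace: str, model: str, reserved: float, actual_tokens: int) -> None:
        """Swap the estimate for the provider's real usage once the call returns."""
        with self._lock:
            b = self._budgets[workspace]
            b.reserved_usd -= reserved
            b.spent_usd += self._cost(model, actual_tokens)

    def call(self, workspace: str, model: str, est_tokens: int, provider) -> int:
        """Gate a provider call. Returns the tokens actually billed."""
        reserved = self.reserve(workspace, model, est_tokens)
        try:
            actual_tokens = provider(model, est_tokens)
        except Exception:
            # Failed call: release the reservation (settle with any partial usage
            # the provider reported if it does report it).
            self.settle(workspace, model, reserved, 0)
            raise
        self.settle(workspace, model, reserved, actual_tokens)
        return actual_tokens

    def status(self, workspace: str) -> tuple[float, float]:
        with self._lock:
            b = self._budgets[workspace]
            return b.spent_usd, b.reserved_usd


def fake_provider(model: str, est_tokens: int) -> int:
    """Constructed stand-in for an upstream LLM: bills exactly the estimate."""
    return est_tokens


def run_demo(attempts: int = 10) -> dict:
    """Ten concurrent 50k-token requests at $0.03/1k ($1.50 each) against a
    $4.00 cap: exactly two are admitted, the rest are refused at the gate."""
    gate = BudgetGate({"assumed-model": 0.03})
    gate.set_cap("ws-clinical", 4.00)
    allowed, blocked = [], []
    tally = threading.Lock()

    def worker():
        try:
            gate.call("ws-clinical", "assumed-model", 50_000, fake_provider)
            with tally:
                allowed.append(1)
        except BudgetExceeded:
            with tally:
                blocked.append(1)

    threads = [threading.Thread(target=worker) for _ in range(attempts)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    spent, in_flight = gate.status("ws-clinical")
    return {"allowed": len(allowed), "blocked": len(blocked),
            "spent_usd": spent, "in_flight_usd": in_flight}


if __name__ == "__main__":
    print(run_demo())
```

The point of `reserve` is that it blocks on the sum of settled spend and outstanding reservations; a gate that only checks settled spend is a soft alert with extra steps, because a burst of parallel agent calls all pass the check before any of them is billed.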
Zero-trust authentication, IDS with SQLi / SSRF / XSS pattern detection, per-IP and per-workspace rate limiting, request signing, tenant isolation. Eleven middleware layers, ordered for predictable failure modes.
Workspaces, roles, fine-grained permission policies, admin endpoints. Built for B2B and multi-department on day one. Each tenant's data, costs, and AI calls are isolated at the storage and routing layers, not just at the API.
Every action recorded, queryable, immutable when configured against an append-only store. Maps directly to SOC 2 CC7, HIPAA §164.312(b), PCI-DSS Req. 10. Auditors love it. Your incident-response runbook gets shorter.
Right-to-export, right-to-erasure, PII detection, PII masking. Prove compliance to a regulator in one query. Avoid the seven-figure fine and the news cycle. Your DPO will thank you in writing.
Stripe-integrated, with subscription tiers, webhook signature verification, billing portal, and usage metering scaffolding. Monetize internally between business units, or externally to your customers, on day one — not after a six-month integration project.
Canary deploy, promote, rollback. The cost and quality predictors that drive autonomous routing are themselves managed as production ML — not hardcoded heuristics. This is the difference between a toy and a system you'd run on a Tuesday morning at 9 a.m.
Every major AI operations vendor is, structurally, a multi-tenant cloud SaaS. Their architecture cannot be deployed inside a regulated perimeter. Their pricing assumes you are willing to send your data to them. You are not. We built the alternative.
| Capability | Portkey ($2K–$10K+/mo) | LangSmith ($1.5K–$5K+/mo) | Helicone ($2K–$10K/mo) | Langfuse ($1.5K/mo+) | Veklom (license $7.5K–$45K/mo) |
|---|---|---|---|---|---|
| Self-hosted in your VPC / on-prem | — | — | add-on | ● | ● by design |
| Air-gapped / fully offline deployment | — | — | — | DIY | ● documented |
| Multi-LLM gateway | ● | — | ● | — | ● |
| Hard-cap budget kill switches | soft | — | — | — | ● |
| Multi-tenant RBAC (workspaces / roles) | enterprise | enterprise | limited | limited | ● |
| Compliance-grade audit log | basic | ● | basic | ● | ● |
| GDPR / PHI export & redaction endpoints | — | — | — | basic | ● |
| Stripe billing & subscription engine | — | — | — | — | ● |
| ML lifecycle (canary, promote, rollback) | — | — | — | — | ● |
| Source code ownership | — | — | OSS lite | MIT | ● license or buy |
| No data egress to vendor cloud | — | — | — | ● | ● guaranteed |
Pricing data verified from each vendor's public pricing page (Q4 2025–Q1 2026). Capability assessments based on each vendor's published documentation as of compilation. We are happy to be corrected — if any of the above is inaccurate as of your reading, contact us and we will revise.
Pigment (planning SaaS) · Rakuten (e-commerce) · PagerDuty (SaaS) · Vizient (data analytics)
SiteGPT (chatbot SaaS) · "thousands of startups" (un-named)
YC W23 cohort companies · early-stage developer tools
Open-source community · self-hosters · MIT-licensed users
Their customer pages are tech SaaS, top to bottom. Not because they aren't trying to win regulated buyers — because the architecture cannot be approved by a CISO who reads data flow diagrams. We sell to the buyers they cannot serve. That is the whole company.
SaaS vendors don't tell you this part out loud, but you already know it: most of the cost of adopting a SaaS tool isn't the subscription. It's the six-to-nine months of procurement, security, legal, and ESG work it takes to bring a new vendor into your perimeter at all. With Veklom, your team adds a code library to infrastructure they already report on. Everything below — gone.
The institutions we serve are already spending more on vendor management than on subscription fees. Source-available licensing isn't just cheaper to buy — it's structurally cheaper to adopt. That is the math your CFO wants to see and your Procurement office already understands.
When a bank or hospital decides to deploy AI operations infrastructure today, there are four real options. We'll walk through them honestly. The first three are what you're doing now or considering. The fourth is what we sell.
You hire two senior platform engineers and one ML engineer. They spend the next year building what amounts to a worse version of this codebase. They learn through outages.
When they leave, the platform leaves with them. Your bug list. Your lifecycle problem. Forever.
The fastest deployment of the four options. Real product, real support team, real SOC 2 reports. Three problems for you specifically: your data lives in their cloud. Your third-party vendor count goes up by one. Your air-gapped environments cannot reach them at all.
For regulated buyers, this option fails security review on day one.
The consultants build a custom AI ops layer inside your VPC, then leave. The codebase is yours, but your engineers didn't write it. Bugs get filed against your team.
Upgrades require new SOWs. Eight years later the system is still half-finished. The original consultants moved on; the documentation is incomplete; everyone is afraid to touch it.
Working source code, 21,343 lines of focused Python, deployable in your VPC in days not months. Multi-LLM gateway, cost intelligence with kill switches, RBAC, audit, GDPR, billing — integrated. We maintain it; you deploy it.
If we go away tomorrow, you still have the code. The license is perpetual. You are never stranded.
We are not pretending the first three options don't exist. They do. Most institutions are using one of them right now. We are saying the fourth option is structurally better, and we are the ones offering it.
Hand this list to your CISO. Hand it to your model risk officer. Hand it to your DPO. Each line is a binary question. Most platforms in this category fail at least three of them.
Most AI ops platforms run in the vendor's cloud and stream your traces, prompts, completions, and metadata to them. For PHI under HIPAA, cardholder data under PCI-DSS, or anything in a CMMC Level 2 boundary, this is a non-starter. Veklom runs entirely inside your environment. No data leaves. Outbound traffic is exclusively when your application calls an external model — and that's controlled by your own egress policy, not ours.
Required by: HIPAA · PCI-DSS · CMMC · IL5 · Sovereign Cloud

Closed-source SaaS vendors put your operational continuity in their hands. Acquisition, price hike, pivot, shutdown — your platform is gone. Bank Vendor Risk Management programs penalize this directly under OCC 2013-29 third-party arrangements review. Veklom ships you working source code. Your own engineers can read it, audit it, fork it, and run it indefinitely. Even if Veklom disappears tomorrow, your deployment continues.
Required by: OCC 2013-29 · NYDFS 23 NYCRR 500 · Bank Treasury Risk · Crown DTA

Most platforms ship "soft alerts" — they notify you when a cost ceiling is breached, by which point the damage is done. An autonomous agent running in a loop can rack up $50,000 of token spend in an hour, and an alert at 3am means you read about it at 9am with a five-figure invoice already accrued. Veklom blocks the call at the gateway when the cap is hit. Decision in <100ms. The bleeding stops at the boundary, not in the receipt.
Required by: CFO Risk · Treasury Controls · OpEx Discipline

Article 17 right to erasure, Article 20 right to data portability, Article 25 privacy by design. Most AI vendors satisfy these by linking to a privacy page and asking you to email a contact address. Veklom ships them as working API endpoints: POST /privacy/export, DELETE /privacy/delete, POST /privacy/pii-detect, POST /privacy/mask. Your DPO integrates these directly into your DSR fulfillment workflow.
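Added example (my own code, not Veklom's): the shape of a PII detection and masking step such as the /privacy/pii-detect and /privacy/mask endpoints above would expose, applied to a prompt before it is logged or forwarded. The pattern set, the labels and the Luhn filter on card-number candidates are my own choices for illustration; the sample text is constructed.

```python
"""Added example, not Veklom's code: PII detection and masking applied to a prompt
before it is logged or forwarded. Pattern set, labels and the Luhn filter are
illustrative choices; the sample text is constructed."""
import re

# Label -> pattern. The card pattern is deliberately broad and then filtered with Luhn
# so that arbitrary 13-19 digit identifiers (ticket numbers, order ids) are not masked.
PATTERNS = {
    "EMAIL": re.compile(r"[A-Za-z0-9._%+-]+@[A-Za-z0-9.-]+\.[A-Za-z]{2,}"),
    "SSN":   re.compile(r"\b\d{3}-\d{2}-\d{4}\b"),
    "PHONE": re.compile(r"\b\d{3}[-.]\d{3}[-.]\d{4}\b"),
    "CARD":  re.compile(r"\b\d(?:[ -]?\d){12,18}\b"),
}


def _luhn_ok(digits: str) -> bool:
    """Luhn checksum over a digit string (valid for real card numbers)."""
    total = 0
    for i, ch in enumerate(reversed(digits)):
        d = int(ch)
        if i % 2 == 1:
            d = d * 2 - 9 if d > 4 else d * 2
        total += d
    return total % 10 == 0


def detect(text: str) -> list[dict]:
    """Return non-overlapping findings sorted by position (the detect-endpoint shape)."""
    found = []
    for label, rx in PATTERNS.items():
        for m in rx.finditer(text):
            if label == "CARD" and not _luhn_ok(re.sub(r"\D", "", m.group())):
                continue  # digit run that fails Luhn: not a card number, leave it alone
            found.append({"label": label, "start": m.start(), "end": m.end()})
    found.sort(key=lambda f: (f["start"], -f["end"]))  # earliest, then longest
    kept, last_end = [], -1
    for f in found:
        if f["start"] >= last_end:  # drop spans overlapping an earlier finding
            kept.append(f)
            last_end = f["end"]
    return kept


def mask(text: str) -> tuple[str, list[dict]]:
    """Replace each finding with its label; return the masked text and the findings
    so the caller can log what was removed without logging the values."""
    findings = detect(text)
    out, cursor = [], 0
    for f in findings:
        out.append(text[cursor:f["start"]])
        out.append(f"[{f['label']}]")
        cursor = f["end"]
    out.append(text[cursor:])
    return "".join(out), findings


# Constructed sample prompt containing several PII kinds plus one decoy number.
SAMPLE = ("Contact jane.doe@example.org or 555-867-5309; SSN 123-45-6789; "
          "card 4111 1111 1111 1111; ticket 1234567890123.")

if __name__ == "__main__":
    masked, findings = mask(SAMPLE)
    print(masked)
    print([f["label"] for f in findings])
```

Masking has to run before the prompt reaches any trace or audit store, not after; a log that captured the raw prompt and is later redacted is itself a record that has to be erased.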
Most "self-hosted" alternatives still phone home — for license validation, usage analytics, error reporting, or feature flags. Each of these is an outbound connection your network team has to approve, audit, and justify in a SOC 2 / ISO 27001 boundary diagram. Veklom transmits nothing. No license-call-home. No analytics beacon. No crash reporting. Air-gapped operating mode disables outbound capability entirely at the network configuration layer. The only outbound traffic is your application calling an external model — and that's your decision, not ours.
Required by: SOC 2 CC6.1 · FedRAMP SC-7 · Air-Gap · Sovereign Cloud

Each line above is a question your auditor will ask. Hand them this page and a current vendor's documentation. The contrast will be quiet, factual, and unmistakable.
Compliance is not a marketing claim. It is a clause-by-clause exercise. Below is the mapping your compliance team will produce anyway — we are saving them three weeks of work. The "What you still own" column is honest: no vendor satisfies a compliance regime alone. We deliver the engineering. You deliver the policy, the audit cycle, and the human governance.
| Standard | Specific clause | What Veklom delivers | What you still own |
|---|---|---|---|
| HIPAA | §164.312(a)(1) Access control | Multi-tenant RBAC, workspace isolation, JWT-bearer auth on every route | User provisioning, role taxonomy |
| HIPAA | §164.312(b) Audit controls | Append-only audit log on every API call, correlation IDs, hash-signed entries | Retention policy, regulator reporting cadence |
| HIPAA | §164.312(c)(1) Integrity | Request signing middleware, immutable audit log, hash chain | Cryptographic key custody |
| HIPAA | §164.312(e)(1) Transmission security | TLS-everywhere, no third-party egress, optional air-gap mode | Network segmentation, BAA execution |
| PCI-DSS v4.0 | Req 6.4.3 Secure custom software | Source-code review, static analysis hooks, optional pen-test report (Enterprise tier) | Annual external pen test, SDLC procedures |
| PCI-DSS v4.0 | Req 7 Need-to-know access | RBAC + workspace isolation; per-route permission decorators | Role definitions, access reviews |
| PCI-DSS v4.0 | Req 8 Strong authentication / MFA | JWT + refresh-token rotation, MFA scaffolding (TOTP-ready) | MFA factor enforcement, password policy |
| PCI-DSS v4.0 | Req 10 Logging and monitoring | Audit log per request; Prometheus metrics; correlation IDs across services | SIEM integration, log archival, daily review |
| SOC 2 | CC6.1 Logical access | RBAC, workspace isolation, zero-trust middleware | Quarterly access reviews, evidence collection |
| SOC 2 | CC7.2 System monitoring | 11-layer middleware with metrics; intrusion detection (SQLi/SSRF/XSS); rate limiters | Alert routing, on-call rotation |
| SOC 2 | CC8.1 Change management | Source-controlled releases, signed releases, ML-model lifecycle (canary → promote → rollback) | Change advisory board, approval records |
| FedRAMP M. | AC-4 Information flow enforcement | Provider-registry routing, configurable egress allowlist, per-workspace boundary | SSP boundary diagrams, ATO process |
| FedRAMP M. | AU-2 / AU-3 Auditable events | Audit middleware on all endpoints; configurable event taxonomy | Audit baseline configuration, retention |
| FedRAMP M. | SC-7 Boundary protection | Air-gapped operating mode, no inbound vendor connections, pure-tenant deployment | Network architecture, FIPS 140-3 modules |
| FedRAMP M. | SI-4 System monitoring | IDS middleware (SQLi/SSRF/XSS pattern matching); per-IP and per-workspace rate limits | Continuous-monitoring program, POAMs |
| GDPR | Art. 17 Right to erasure | DELETE /privacy/delete endpoint with cascade across raw data, embeddings, audit log markers | DSR intake process, identity verification |
| GDPR | Art. 20 Data portability | POST /privacy/export endpoint returning structured JSON | Format-conversion if not JSON, delivery channel |
| GDPR | Art. 25 Privacy by design | No-third-party-egress default; PII detection middleware; PII masking utilities | Privacy impact assessment, DPO sign-off |
| GDPR | Art. 32 Security of processing | 11-layer middleware; encryption-at-rest scaffolding; encrypted-transport default | Key custody, vendor security questionnaires |
| OCC 2013-29 | Third-party arrangement assessment | Source-available licensing — buyer continues operation if vendor disappears; perpetual license preserves operational continuity | TPRM committee approval, ongoing monitoring |
| CMMC L2 | 110 Level 2 controls (subset) | Air-gapped deployment guide, ITAR-handling documentation, FIPS-compatible cryptography | SCIF environment, RPO certification |
Full mapping with control-level evidence, including SIG / CAIQ / HECVAT exports and a sample audit-evidence package, is available under NDA as part of the Enterprise tier or any technical evaluation engagement. Annual third-party penetration test report under Sovereign · Enterprise tier; redacted versions on request.
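Added example (my own code, not Veklom's) covering two rows of the table above: the append-only, hash-chained audit log of §164.312(b) and (c)(1), and the Art. 17 erasure that cascades over raw data and embeddings while leaving only a marker in that log. The two interact: an append-only chain cannot have entries rewritten, so the log is keyed on a pseudonym from the start and erasure is recorded as a new entry rather than by editing history. `AuditLog`, `PrivacyStore`, the signing key and the sample records are assumptions for illustration.

```python
"""Added example, not Veklom's code: an append-only, HMAC-chained audit log and a
privacy store whose erasure cascades over raw data and embeddings while leaving
only a pseudonymous marker in the log, so the chain still verifies afterwards.
All names (AuditLog, PrivacyStore, the key, the sample records) are assumptions."""
import hashlib
import hmac
import json
from typing import Optional

GENESIS = "0" * 64


class AuditLog:
    def __init__(self, signing_key: bytes):
        self._key = signing_key          # key custody stays with the operator
        self.entries: list[dict] = []

    def pseudonym(self, subject_id: str) -> str:
        """Keyed pseudonym so the log never stores the raw subject identifier."""
        return hmac.new(self._key, subject_id.encode(), hashlib.sha256).hexdigest()[:16]

    def _digest(self, entry: dict) -> str:
        body = {k: v for k, v in entry.items() if k != "hash"}
        canon = json.dumps(body, sort_keys=True, separators=(",", ":")).encode()
        return hmac.new(self._key, canon, hashlib.sha256).hexdigest()

    def append(self, actor: str, action: str, subject: str, detail: dict) -> dict:
        prev = self.entries[-1]["hash"] if self.entries else GENESIS
        entry = {"seq": len(self.entries), "actor": actor, "action": action,
                 "subject": subject, "detail": detail, "prev": prev}
        entry["hash"] = self._digest(entry)  # covers prev, so any edit breaks the chain
        self.entries.append(entry)
        return entry

    def verify(self) -> Optional[int]:
        """Return the index of the first broken entry, or None if the chain is intact."""
        prev = GENESIS
        for i, e in enumerate(self.entries):
            if e["prev"] != prev or e["hash"] != self._digest(e):
                return i
            prev = e["hash"]
        return None


class PrivacyStore:
    def __init__(self, audit: AuditLog):
        self.audit = audit
        self.raw: dict[str, str] = {}
        self.embeddings: dict[str, list[float]] = {}

    def ingest(self, subject_id: str, text: str, vector: list[float]) -> None:
        self.raw[subject_id] = text
        self.embeddings[subject_id] = vector
        self.audit.append("api", "prompt.ingest", self.audit.pseudonym(subject_id),
                          {"chars": len(text)})  # metadata only, never the prompt

    def export(self, subject_id: str) -> dict:
        """Art. 20: everything held on the subject, as structured JSON-able data."""
        pseud = self.audit.pseudonym(subject_id)
        return {"subject": subject_id,
                "raw": self.raw.get(subject_id),
                "embeddings": self.embeddings.get(subject_id),
                "audit": [e for e in self.audit.entries if e["subject"] == pseud]}

    def erase(self, subject_id: str) -> dict:
        """Art. 17: cascade over every store. The log is append-only, so the erasure
        is recorded as a marker against the pseudonym rather than by rewriting history."""
        removed = {"raw": self.raw.pop(subject_id, None) is not None,
                   "embeddings": self.embeddings.pop(subject_id, None) is not None}
        self.audit.append("dpo", "privacy.erasure", self.audit.pseudonym(subject_id), removed)
        return removed


def run_demo() -> dict:
    """Constructed run: ingest two subjects, erase one, verify, then tamper and re-verify."""
    log = AuditLog(b"constructed-demo-key")
    store = PrivacyStore(log)
    store.ingest("patient-0042", "constructed prompt mentioning a diagnosis", [0.1, 0.2])
    store.ingest("patient-0043", "another constructed prompt", [0.3, 0.4])
    removed = store.erase("patient-0042")
    after = store.export("patient-0042")
    intact = log.verify()
    log.entries[0]["detail"]["chars"] = 1          # edit history in place
    tampered_at = log.verify()
    return {"removed": removed, "raw_after": after["raw"],
            "audit_entries_after": len(after["audit"]),
            "intact": intact, "tampered_at": tampered_at,
            "raw_id_in_log": any("patient-0042" in json.dumps(e) for e in log.entries)}


if __name__ == "__main__":
    print(run_demo())
```

Two design points matter more than the code: the digest is keyed, so an attacker who can rewrite the store also needs the key to re-sign the chain (which is why the table leaves key custody with you), and entries carry a pseudonym plus metadata rather than prompt content, which is what makes an append-only log compatible with a right-to-erasure request.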
Most AI tools ship with marketing benchmarks that fall apart under independent test. Below is the actual stress test, with the full audit JSON in the repo. Every request is signed with a unique correlation ID. Every response body is hashed. Every latency datapoint is preserved. Re-run the benchmark and verify yourself.
| Scenario | Concurrent users | Total requests | Success rate | P50 latency | P95 latency | Throughput |
|---|---|---|---|---|---|---|
| Smoke | 10 | 100 | 100.0% | 3 ms | 21 ms | 300 req/s |
| Light | 50 | 500 | 100.0% | 67 ms | 209 ms | 572 req/s |
| Baseline | 100 | 1,000 | 100.0% | 127 ms | 466 ms | 550 req/s |
| Sustained | 200 | 3,000 | 100.0% | 396 ms | 1.7 s | 334 req/s |
| Heavy | 500 | 5,000 | 100.0% | 2.4 s | 10.5 s | 123 req/s |
Two paths. License the source as a perpetual right to deploy and modify, billed monthly. Or acquire the platform outright with full IP and trademark transfer. License rates are month-to-month, no minimum term. Cancel anytime, the version you have stays yours forever. Pilot terms for qualified institutions discussed under NDA.
All license tiers · month-to-month, no minimum term. Annual prepayment receives two months free. Pilot terms for qualified institutions discussed under NDA. Strategic acquirers and venture buyers contact directly. All engagements begin with a written technical evaluation — we are an async-first organization. No live phone calls until both parties agree the fit is real.
Selected, not exhaustive. Full security and compliance question bank available under NDA, with mapped responses to SIG, CAIQ, and HECVAT formats.
No, by default and by architecture. Veklom runs entirely inside your perimeter. Outbound traffic occurs only when your application explicitly invokes an external AI provider (e.g., calls OpenAI for an inference). We have no telemetry, analytics, license-call-home, or vendor-side logging. The codebase has been audited against this guarantee.
Air-gapped operating mode disables all outbound capability at the network configuration layer.
Yes — that is the design. Reference deployments are documented for AWS (commercial & GovCloud), GCP, Azure, and bare-metal Kubernetes. Air-gapped deployment guide includes a verified offline package and dependency mirror configuration.
Eleven-layer defense-in-depth middleware: zero-trust authentication, intrusion detection (SQLi / SSRF / XSS pattern matching), per-IP and per-workspace rate limiting, request signing, tenant isolation enforced at storage and routing layers. Honest stress-test artifacts are linked above. Independent penetration tests are scheduled quarterly under the Enterprise tier; reports are shareable under NDA.
Standard, Pro, and Enterprise are non-exclusive perpetual licenses. We may license to other non-competing buyers. Acquisition is exclusive: the product is pulled from sale entirely upon close, all existing licenses are either transitioned to the acquirer or grandfathered (your choice as buyer).
License agreements include explicit assignability clauses to support clean transfer in the event of acquisition.
Python 3.11+, FastAPI, SQLAlchemy 2.0 (async + sync), Postgres or SQLite, Redis (optional), Celery for background jobs, gunicorn + uvicorn workers in production. Standard, well-supported, readable. Any senior Python engineer becomes productive on day one.
Yes. Standard evaluation: signed NDA → repository read access + sandbox URL → 14-day evaluation period → decision. Enterprise evaluation: extended to 30 days, with one async architecture review session and customized compliance-mapping output for your specific regulatory framework.
Different cost structure entirely. Portkey, LangSmith, and Helicone are SaaS — their price covers hosted infrastructure, their SOC 2 audit cycle, 24/7 support staff, and their sales organization. We sell software. You operate the infrastructure inside your own perimeter. The total cost of ownership is comparable; the cost structure is fundamentally different.
For institutions where SaaS is structurally non-viable — banks, hospitals, defense, sovereign clouds — the only real comparison is Veklom versus building this internally. Internal builds run 9–14 months and cost $1.5M–$3M in engineering time. License pricing makes the math obvious.
Pilot terms for qualified institutions are discussed individually under NDA.
We do not run sales calls until written exchange has confirmed the fit is real. First contact is by email or written form. Technical evaluation is repository + documentation. Procurement is by written MSA with standard redlines. A short call is offered before contract signing if either party wants one — but neither party is required to take it.
This is deliberate. The buyers we serve well are buyers who prefer evidence over rapport.
To Portkey, LangSmith, Helicone, Langfuse, Fiddler, Arize, Datadog, Splunk — and to whichever venture-funded entrant launches next month: this category is changing. The buyers you have lost for compliance reasons every quarter for two years are about to start saying yes. To someone else.
We did not build this because we wanted to compete with you. We built it because the institutions you have been unable to serve have been waiting, and we are tired of watching capable engineers inside hospitals and banks rebuild the same platform every eighteen months because the SaaS market refused to meet them where they live.
If your architecture eventually catches up — deployable in our customers' VPCs, no telemetry leaving their perimeter, source available for review — we will welcome the company. Buyers in this market deserve more than one option.
Until then, we will be quietly raising the bar.
Send the architecture diagram and the verification table to your CISO and your engineering lead. If both come back with a "yes, evaluate," reach us in writing.
First reply within 1 business day · NDA & evaluation packet sent within 24 hours of mutual interest