Security & trust

Your network stays yours.

CrossConnect runs on your own servers, so your network's secrets never leave your building. It only ever looks at your network, it cannot reach out and change a setting. And when you do decide to make a change, nothing happens until a person says yes, with a record of who and when. Here is the plain truth: where it runs, where your data sits, how the AI is kept honest, and what we are not claiming.

Runs on your own servers Your data never leaves It only ever looks Nothing changes without you Each team sees only its own Passwords kept sealed A tamper-proof history The AI can't make things up
Where it runs

On your servers, where your data stays.

CrossConnect installs on your own servers, in your office or in your own cloud account, and your network data stays inside your walls where we cannot see it. The only thing that ever leaves is something you choose to turn on: a message to another tool you use, or a question sent to an AI service you pick. You can even skip the AI service entirely and run a simpler built-in mode that calls nothing outside.

your servers CrossConnect+ its database discoveryonly looks your gear looks only your toolsif you turn on AI serviceoptional only if you choose

Everything inside the dashed box lives on your servers. CrossConnect only reads your network: making an actual change, like updating a switch, is a separate step that you approve and that gets logged. Nothing leaves your walls except on paths you switch on yourself.

A trustworthy assistant

It can't make things up, and it can't change a thing.

You can ask CrossConnect anything about your network in plain English. Every answer points to the exact records it came from, so you can check the work. If the records can't back up an answer, it says "I don't know" instead of guessing. And it can look anything up, but it cannot change a single setting on its own.

  • Shows its sources: every answer points to the records behind it, or it says "I don't know"
  • Never invents a device, an address, a connection, or a fact
  • Advice only: it can point to the cause of a problem and show the proof, but it never applies the fix itself
  • Nothing changes until you say yes: it proposes the change, you approve it, then it happens
  • Respects who you are: it will never show a person data they are not allowed to see
  • Keeps a full record: every question, every source, and every answer is logged
the assistant
Delete every device in Studio B.
I will not delete anything myself. I have written up the change for you to look over. Approve it and it happens, or it simply expires. proposed · 6 devices · waiting for a person to confirm · logged
Who sees what

Everyone sees only what they should.

Each team stays separate

If more than one team or site uses CrossConnect, each one sees only its own network. No team, and not the assistant, can read another team's data.

kept apart

The right access for each person

People sign in with your company login, and you decide what each one can do: some can only look, some can make changes, and some can manage the account. The assistant follows the same limits as the person using it.

SSO · roles you control

Secrets encrypted at rest

Any login details or keys CrossConnect needs are encrypted at rest behind a master key that never leaves your server, and opened only for the moment they are used. Rotate the key without downtime, and a built-in check refuses to start on a weak or default one.

encrypted at rest · rotatable

It only ever looks

CrossConnect reads your network to build its picture, and that is all. It does not change a setting and it does not read your private traffic: it just looks at the gear it is allowed to see. Making an actual change is always a separate step that you approve.

looks only

A tamper-proof history

Every action is written to a history you can trust. Each entry is linked to the one before it, so if anyone tried to change or remove a record after the fact, it would show. You can check the whole chain any time.

verifiable

Nothing changes without you

Updating a switch or upgrading its software is always a deliberate step that someone has to approve first. CrossConnect never changes a device quietly behind your back, and every step is written down.

you approve · logged
Straight talk

What we promise, and what we don't claim.

It runs where you want it. CrossConnect lives on your own servers, in your office or in your own cloud account, so your data stays under your control where we cannot see it. You hold the keys.
We are not claiming security certifications. CrossConnect is an early product, in what we call operator preview. We are not claiming any official security audit or certification today, and we will not say we have one until it is true. CrossConnect can help you prove your own network meets those standards, but that is a different thing from CrossConnect itself being certified, and we will not blur the two.
The AI is your choice. Use the assistant with an AI service you pick, or skip the outside service and run a simpler built-in mode. Either way, the same rules hold: it shows the records behind every answer, and nothing changes until a person confirms.

Have a security questionnaire or a specific question you need answered? We would rather give you a straight answer than wave our hands.

Run it inside your own walls.

It runs on your servers, with your data, and your choice of AI service or none at all. You can see exactly what it does before it ever touches a thing.

See how it works