Our Commitments
Non-negotiable promises that govern everything we build.
Delivery without inbound ports
Our architecture delivers events to private systems without requiring you to open inbound firewall ports. Events flow outbound from your infrastructure to ours, never the other way around.
SaaS stays out of the delivery path
The SaaS control plane controls configuration and policy—it never sits in the path of event delivery. Your events travel directly from edge to egress, or through regional bridges, without touching SaaS infrastructure.
Delivery succeeds independently
Event delivery does not depend on SaaS availability. If our SaaS control plane is unavailable, existing configured flows continue delivering. A SaaS outage does not mean a delivery outage.
Mutual authentication everywhere
Every internal connection uses mTLS with SPIFFE identity. Service-to-service communication verifies both ends—no implicit trust based on network topology. Fail-closed: if identity cannot be established, the connection is denied.
Regional data planes
Data and edge planes run in your regions, close to your infrastructure. This keeps latency low and ensures data residency—your events don't leave your regions unless explicitly configured.
Deterministic operator workflows
All deployments use immutable tags and digests. Configuration is GitOps-first: desired state lives in git. Manual kubectl patches are break-glass only, not workflow.
What This Means Operationally
Not Dependent on SaaS
If SaaS goes down, your flows keep running. Configuration reads fail, but event delivery continues.
No Open Ports
Our agents and bridges connect outbound. Your firewall rules stay closed.
mTLS Required
All service-to-service calls require mutual TLS. No plaintext paths in production.
GitOps First
All configuration is git-defined. Manual changes are the exception, not the rule.