Sovereignty isn't a location. It's who holds the keys.
1331's computational reasoning substrate deploys in three postures — Owned, Controlled, Governed. Same substrate, same audit trail, same agent runtime. Pick the posture that matches your regulator, your audit obligation, and your boundary — and move between them when those change.
The same substrate runs anywhere your control demands.
Owned
Inside your perimeter. On a box you can touch.
A physical appliance racked inside your boundary. Zero required outbound connectivity. The only posture an FSO, a CMMC assessor, or a NERC CIP auditor accepts on the first pass.
Explore posture →Controlled
Your cloud account. Your contract. Your audit.
A dedicated VPC or sovereign-region deployment under your cloud contract, your KMS, your audit pipeline. Designed for HITRUST scope, DORA exit strategies, and EU-law DPAs that survive Schrems II review.
Explore posture →Governed
Managed by 1331. Bounded by contract.
A managed-cloud posture with contractual isolation, pre-built exam exports, and no CLOUD Act-reachable parent in the inference path. The fastest path to production when you don't need to operate the infrastructure yourself.
Explore posture →Append-only, signed, queryable. Exports to your SIEM in structured formats.
BYO-KMS in Controlled / Governed. Hardware-rooted keys in Owned.
Per-workload routing, retention, redaction, and BYO-key burst rules.
Hard caps per workload, per team, per matter — enforced before inference.
The clauses regulated buyers can't get past.
What lives inside your boundary — and what stays at 1331.
- Reasoning substrate and agent runtime
- Model weights (open-weight, quantized for your hardware or VPC)
- Vector stores, embeddings, and RAG indexes
- Prompts, completions, tool calls, and intermediate state
- Append-only audit log (signed, queryable, SIEM-exportable)
- License + entitlements
- Substrate version updates and security patches (signed bundles)
- Anonymized health telemetry (opt-out in Owned and Governed)
- Optional support tunnel — off by default, audited when on
- Nothing else — no prompts, no logs, no training data, ever
Burst to GPT-5, Claude, or Gemini — on your terms.
Sovereignty doesn't mean isolation. Any agent can route a single step to a frontier provider when the job genuinely demands it — long-context synthesis, deep multi-step reasoning, vision, or live web grounding — while everything else stays inside your posture. You bring the key, you set the policy, every call lands in the same audit trail as local inference.
General reasoning, tool use, structured output.
Long context, careful drafting, code review.
Native multimodal, 2M-token context, grounded search.
BYO API keys with per-provider quotas. We never proxy through 1331 infrastructure.
Per-workload, per-step rules: keep PII local, allow frontier for public synthesis, fall back on failure.
Same SDK call, same signed log entry — whether the token came from your appliance or a frontier endpoint.
The frameworks our buyers are audited against.
Compliance is a function of posture + policy + audit, not a logo. Pick the posture, we'll send the packet.