MaleusMaleus

Security & sovereignty, by design

Maleus is built for high-constraint environments: large enterprises, the public sector, government.

SOC 2In progress
ISO 27001In progress
GDPRCompliant
On-premiseAvailable
Deployment models

Three ways to use Maleus

Choose the model that fits your risk posture.

SaaS: Maleus cloud

The simplest way to get started, with no infrastructure to manage.

  • Data: Cloud (US, EU, GCC)
  • Operated by: Maleus

Private cloud

No exposure of your internal systems: Maleus starts the environments within your infrastructure.

  • Data: Cloud (US, EU, GCC), single tenant
  • Code & cloud environments: with you
  • Operated by: Maleus
Sovereignty

On-premise or bring your own cloud

Deployed in your own datacenter or your own cloud. For the strictest sovereign and government contexts.

  • Data: your infrastructure
  • Operated by: you

Each model has a different cost profile, see how deployment affects pricing.

Data sovereignty

Your data stays where it belongs

Pick a deployment model to see where your data lives and how it stays isolated.

  • Hosting in the US, France or the Gulf region
  • You own your source code
Maleus cloud
  • Data
  • Code
  • Cloud environments
Maleus application security

Four pillars, built in from the start

Applications generated by Maleus deliver maximum security.

01

Secure virtual environments

Each agent runs in an ephemeral environment, created on demand and destroyed afterwards. Process and user isolation, plus network and application restrictions for every agent.

02

A proven security core

Authentication, encryption and permissions rest on a pre-built, hardened framework. The AI only generates business logic.

03

Supply-chain protection

Dependencies are managed under control and updated automatically after a grace period. Secrets are injected only into the environment of the process that needs them.

04

Auditability

All agent actions are traced, alongside critical actions inside Maleus, and every generated application ships with its own audit trail automatically.

Identity & access

The identity and access controls you expect

Maleus is ready to slot into your existing information system, connecting to the identity and access stack you already run.

SSO: SAML / OIDC

Connects to your existing enterprise directory.

SCIM provisioning

Automatic account creation and revocation, synced from your IdP.

RBAC

Configure roles for read, edit and admin, or sync them from your IdP.

Secrets management

Built-in management with encrypted secrets, or connect your own key service (KMS).

Security of the software we ship

Security extends to the code we ship

Automatic SAST analysis of the code produced

Dependency auditing on every build

Penetration testing run by agents

Encryption of data at rest and in transit

Row-level database encryption, with an optional layer on sensitive columns such as API keys

Audit trail of critical actions

APIs secure by design: protection against SQL injection, CSRF and XSS

Audit & observability

End-to-end traceability

Full audit trail

Every action is recorded: a complete, traceable log of agent sessions.

Correlated logs

Interactions, API requests and backend logs tied together, with an audit trail of critical actions.

SIEM integration

Forward events to your existing SIEM and keep security monitoring in one place.

Human sign-off

Mandatory approval before any infrastructure deployment. No blind deployments.

Audit & logs
Audit and logs dashboard with correlated activity
Code ownership

The code is 100% yours. No vendor lock-in.

The software Maleus generates belongs entirely to you and runs with no dependency on the platform.

Connect your GitHub or GitLab repository and the code is delivered there continuously, ready for your teams to take over at any time.

GitHubGitLabAzure Foundry
  • Standard code, open-source technologies
  • Applications run independently of the platform

A security question? Let's talk it through.

Our technical team answers security questionnaires and documentation requests directly.