Security & sovereignty, by design
Maleus is built for high-constraint environments: large enterprises, the public sector, government.
Three ways to use Maleus
Choose the model that fits your risk posture.
SaaS: Maleus cloud
The simplest way to get started, with no infrastructure to manage.
- Data: Cloud (US, EU, GCC)
- Operated by: Maleus
Private cloud
No exposure of your internal systems: Maleus starts the environments within your infrastructure.
- Data: Cloud (US, EU, GCC), single tenant
- Code & cloud environments: with you
- Operated by: Maleus
On-premise or bring your own cloud
Deployed in your own datacenter or your own cloud. For the strictest sovereign and government contexts.
- Data: your infrastructure
- Operated by: you
Each model has a different cost profile, see how deployment affects pricing.
Your data stays where it belongs
Pick a deployment model to see where your data lives and how it stays isolated.
- Hosting in the US, France or the Gulf region
- You own your source code
- Data
- Code
- Cloud environments
Four pillars, built in from the start
Applications generated by Maleus deliver maximum security.
Secure virtual environments
Each agent runs in an ephemeral environment, created on demand and destroyed afterwards. Process and user isolation, plus network and application restrictions for every agent.
A proven security core
Authentication, encryption and permissions rest on a pre-built, hardened framework. The AI only generates business logic.
Supply-chain protection
Dependencies are managed under control and updated automatically after a grace period. Secrets are injected only into the environment of the process that needs them.
Auditability
All agent actions are traced, alongside critical actions inside Maleus, and every generated application ships with its own audit trail automatically.
The identity and access controls you expect
Maleus is ready to slot into your existing information system, connecting to the identity and access stack you already run.
SSO: SAML / OIDC
Connects to your existing enterprise directory.
SCIM provisioning
Automatic account creation and revocation, synced from your IdP.
RBAC
Configure roles for read, edit and admin, or sync them from your IdP.
Secrets management
Built-in management with encrypted secrets, or connect your own key service (KMS).
Security extends to the code we ship
Automatic SAST analysis of the code produced
Dependency auditing on every build
Penetration testing run by agents
Encryption of data at rest and in transit
Row-level database encryption, with an optional layer on sensitive columns such as API keys
Audit trail of critical actions
APIs secure by design: protection against SQL injection, CSRF and XSS
End-to-end traceability
Full audit trail
Every action is recorded: a complete, traceable log of agent sessions.
Correlated logs
Interactions, API requests and backend logs tied together, with an audit trail of critical actions.
SIEM integration
Forward events to your existing SIEM and keep security monitoring in one place.
Human sign-off
Mandatory approval before any infrastructure deployment. No blind deployments.


The code is 100% yours. No vendor lock-in.
The software Maleus generates belongs entirely to you and runs with no dependency on the platform.
Connect your GitHub or GitLab repository and the code is delivered there continuously, ready for your teams to take over at any time.
- Standard code, open-source technologies
- Applications run independently of the platform
A security question? Let's talk it through.
Our technical team answers security questionnaires and documentation requests directly.

