What does Aixys replace?

The seven SaaS tools most teams have open at once — typically a CRM, a project tracker, a finance app, an HR portal, a doc tool, a chat surface, and a BI/dashboard tool. Aixys unifies all seven into one operating surface backed by a single event log.

How does Aixys remember everything?

Every write is a typed event in an append-only log (P50 8 ms, P99 24 ms, 3× replicated). Every read — whether from the UI, the AI surface, or an integration — is a derivation of that log. The system never guesses; the AI surface grounds on the events.

Is Aixys SOC 2 compliant?

Yes. Aixys is SOC 2 Type II certified, HIPAA-ready, and supports SSO + SCIM. Data residency is available in EU and US regions. See aixys.app/about/trust for live evidence.

Can I bring my own AI model?

Yes. The AI Automation module is model-agnostic — bring OpenAI, Anthropic, or self-hosted weights. Citations and tool calls are typed and logged regardless of which model executes.

How do I integrate Aixys with existing tools?

140+ connectors, typed SDKs (TypeScript, Python, Go), and a streaming HTTP API. Outbound webhooks notify any listener; inbound integrations loop back as new events on the same log.

TRUST · OVERVIEW

Evidence, not adjectives.

Certifications you can verify, controls you can audit, regions you can pin to. Every claim on this page maps to an artefact you can receive under NDA.

SOC 2Type II · active
GDPREU data plane
SSOSAML · OIDC
KEYSBYOK · KMS

TRUST · CERTIFICATIONS

Evidence. On a page.

We pre-publish what auditors, legal, and security teams always ask for. The real artefacts — SOC 2 report, pen-test summary, DPA — are one NDA away.

SOC 2 Type IIACTIVEControls · availability · confidentiality
ISO 27001IN PROGRESSInformation security management
HIPAAAVAILABLEOn enterprise plans · BAA signed
GDPRACTIVEEU data residency · DPA available
CCPA / CPRAACTIVECalifornia consumer privacy
PCI DSSAVAILABLEThrough audited partners

TRUST · CONTROL MATRIX

Eight controls. Every tenant.

ENCRYPTION
AES-256 at rest · TLS 1.3 in flight
Every byte is encrypted at rest with envelope encryption. All transit, including inside our VPC, uses TLS 1.3.
KEY MGMT
BYOK · region-scoped KMS
Customer-managed keys in AWS KMS are supported on enterprise plans. Keys never leave your region of choice.
IDENTITY
SAML · OIDC · SCIM 2.0
SSO is available on every paid plan. SCIM provisions users and groups from your IdP in real time.
ACCESS
Least-privilege by default
Every action resolves against the same policy engine — users, service accounts, SDK tokens. No shadow admin.
AUDIT
Immutable audit log
Every write is stamped into an append-only audit log with actor, intent, payload diff, and trace ID.
RESILIENCE
Multi-AZ · hourly snapshots
Databases run multi-AZ with streaming replication. Snapshots every hour, retained 30 days, restorable to any point.
VULN MGMT
Continuous scanning · pen tested
Dependencies and infra images are scanned on every build. Third-party pen tests run twice a year; reports on request.
PRIVACY
DPA · subprocessor ledger
Standard DPA available. Every subprocessor is listed publicly with the data they touch and why.

TRUST · DATA RESIDENCY

Your data. Pinned where you need it.

us-eastUnited States (us-east-1)LIVE
eu-westEuropean Union (eu-west-1)LIVE
uk-southUnited Kingdom (uk-south-1)LIVE
ca-centralCanada (ca-central-1)LIVE
ap-southIndia (ap-south-1)PLANNED
au-eastAustralia (au-east-1)PLANNED

TRUST · AUDIT LOG

Every write. Stamped. Forever.

14:07:22Deal / dl_9f2 / updatedu_nora
14:07:22Event / evt_01hzk3 / emittedsystem
14:07:21Automation / au_close_loop / firedsa_webhook
14:07:18Key rotation / kms-eu-01 / successsystem
14:07:11SSO login / okta / acceptedu_mira
14:06:58Export / revenue.csv / generatedu_ollie

TRUST · HOW EVIDENCE IS PRODUCED

Automated evidence. Human attestation.

Our controls emit evidence into the memory bus exactly like any other event. Auditors read from a typed, append-only log — we do not hand-compile screenshots.

SOURCE

Control runs

SSO · KMS · backups

EMIT

Emit event

typed · signed

LOG

Audit log

append-only

PACK

Evidence pack

quarterly · on-demand

HUMAN

Auditor review

SOC 2 · ISO

TRUST · AUDIT SCHEMA

Two objects. One audit log.

EVENT

AuditEntry

An append-only record of a single security-relevant action.

idulid
actorjsonUser | ServiceAccount
controlenumSSO | KMS | backup | …
actionstring
resourcestring
verdictenumallow | deny | error
trace_idulidpropagated from request
atdatetime

OBJECT

EvidencePack

A signed, versioned collection of evidence covering a control window.

idulid
windowjsonfrom · to
controlsjsonstring[] of control ids
digeststringsha-256 of manifest
signerref→ SigningKey
statusenumdraft | signed | delivered

PLATFORM · CLOSE THE LOOP

Built for the audit that will come.

We treat security, residency and privacy as first-class features, not retrofits. Request the full evidence pack — SOC 2, pen-test summary, DPA and subprocessor ledger.

Request evidence pack Back to platform

Evidence, not adjectives.

Evidence. On a page.

Eight controls. Every tenant.

AES-256 at rest · TLS 1.3 in flight

BYOK · region-scoped KMS

SAML · OIDC · SCIM 2.0

Least-privilege by default

Immutable audit log

Multi-AZ · hourly snapshots

Continuous scanning · pen tested

DPA · subprocessor ledger