Agents that touch real systems need more than a demo's worth of trust. TurfAI runs on tokenised data, full reasoning-and-tool audit trails, hardened ingress, and human gates on the steps that carry risk — the controls a procurement review actually asks for.
The controls that turn an agent from a science project into something you can put in front of a regulator.
PII is tokenised before the model sees it; the reversal key is held in your KMS. Immutable audit produces an Article-28 evidence pack.
Every agent run logs what it saw, every tool it called, every decision, and who approved it — reasoning included, not just outputs.
Configurable sign-off on high-risk steps; escalations are tracked on the conversation, not lost in a thread.
A published-prompt state machine and prompt-injection linting — prompts are versioned and reviewed, not edited live in production.
Webhook HMAC and origin pinning, per-provider rate limits, per-workflow execution deadlines, and DLQ replay for failed runs.
Logs are PII-masked and audit logs redacted, so observability never becomes a data-leak surface.
Data Shield tokenises personal data before any prompt reaches a model, and the reversal key stays in your KMS — not OpenTurf’s, and not the LLM provider’s. The model works on tokens; only your systems can reverse them. Every run is recorded immutably, producing an Article-28-ready evidence pack for regulated work in BFSI, healthcare, and legal.
It is the moat for regulated sectors: tokenisation ships in Release 2; advanced named-entity detection is on the roadmap.
Your infrastructure requirements, your compliance posture, your call.
Fully managed and Ariviti-hosted — the fastest path to a workflow in production.
TurfAI deployed into your AWS, Azure, or GCP environment, so you keep data sovereignty. In private preview.
Full TurfAI capability inside your perimeter, for data that cannot leave the building. On the roadmap.
Local models at the edge for latency-sensitive or air-gapped environments. On the roadmap.
Per-tenant isolation, quota administration, and an invite flow — multi-tenant without the leakage risk.
Per-provider rate limits and per-workflow execution deadlines keep a runaway run from becoming an incident.
Failed runs land in a dead-letter queue you can replay; audit logs are PII-redacted by default.
We don’t claim a certification we don’t hold. What we do run today: Data Shield PII tokenisation with customer-held keys, full reasoning-and-tool audit trails, governed prompts, hardened ingress, and deployment isolation — the evidence a security review actually evaluates.