// Security / Ownership by design

Your data, your keys, your machine

Most AI tools ask you to send your credentials, your files, and your customers' data to someone else's cloud and trust them with it. BusinessBots is built the other way around: open source at the core, self hostable end to end, with every secret staying exactly where you put it.

Security here isn't a checkbox bolted on later. It's the architecture

businessbots / secure

$ businessbots deploy

Open source core verified
Credentials encrypted · AES-256-GCM
Data stays inside your perimeter
Audit trail enabled
Secured
// Built secure

Secure by architecture, not by promise

Five layers of defense, each one something you can read, run, and own.

$models01

Bring your own models

Use your own model keys, or run everything locally. Your prompts and data never leave your perimeter.

$source02

Open source core

The whole core is open source. Read it, audit it, even fork it. There's no black box to take on faith.

$credentials03

Encrypted credentials

Every secret is encrypted at rest and locked to the one project that needs it, never shared across the system.

$access04

Defense in depth

Access is enforced at the database itself, so a request can only ever reach the data it's allowed to.

$audit05

Audit trail you own

Every action is logged on your own infrastructure, so you always know what ran, when, and on whose behalf.

A note on compliance

BusinessBots gives you the building blocks for a strong security posture: isolation, encryption, self hosting, BYO models, auditability, and open source transparency. Your specific compliance position depends on how you deploy and operate it. If you have requirements to meet, talk to us about a deployment pattern that fits.

// Your infrastructure

It runs where you do

One command to self host, and hard isolation underneath so the platform can update without ever touching your data.

Run on your own infrastructure

Install on your own hardware or your own cloud with a single command. Cloud is an option, never a requirement, including fully air gapped deployments. Where the software runs, your data stays.

install
$ curl -fsSL https://businessbots.io/install | bash

Isolated by default

Every agent runs inside its own Docker sandbox, an isolated Linux environment separated from the host and from other workloads. Storage is deliberately partitioned so isolation survives updates and cleanup.

  • /workspaceyour persistent data and files
  • /persistentruntime state (session data, secrets, profiles)
  • /ephemeralsystem code from the image, replaced on every update
// Deploy

Self host on your own perimeter

Read the source, or talk through the deployment pattern that fits your environment, cloud, on premises, or fully air gapped.

Talk through deploymentSee solutions by function