Short answer
The customer-hosted Subconscious Inference System is designed to support a customer’s existing security and compliance review process. For production customer-hosted deployments:- The API Gateway and Inference Runtime run in the customer’s cloud account or customer-controlled environment.
- Customer requests, prompts, completions, logs, keys, and operational data remain in the customer environment unless the customer explicitly chooses otherwise.
- Subconscious does not host the customer’s production inference system.
- Subconscious does not require persistent access to the customer’s cloud account.
- Subconscious does not need ingress into the customer’s cloud account.
- Subconscious does not control production availability.
- The customer controls versioning, deployment cadence, networking, access, monitoring, and Subconscious Inference System operations.
- Updates are customer-approved and installable through the customer’s own change-management process unless the customer explicitly chooses an assisted update workflow.
Scope note
For customer-hosted production deployments, customers commonly review Subconscious as a software vendor and software supply-chain vendor. The API Gateway and Inference Runtime run under the customer’s deployment, access, monitoring, networking, and change-management controls. Subconscious can provide architecture documentation, data-flow evidence, release integrity materials, and shared responsibility documentation to support that review.Deployment model
The Subconscious Inference System has three core components:- API Gateway: The customer-facing entry point for agent traffic, authentication, API key management, routing, usage controls, load balancing, and customer-facing admin workflows.
- Inference Runtime: The GPU-backed execution layer that runs on customer-provided GPUs and drives Subconscious’s compute-efficiency advantage.
- Distribution Platform: The software delivery and update workflow used to distribute new versions, patches, and release metadata to customer-controlled environments.
Security review position
Subconscious is designed to support the following review position for customer-hosted deployments:The product runs in the customer’s cloud account. In the standard customer-hosted configuration, Subconscious does not host the production system, does not require persistent access, and is not intended to receive production prompts, completions, source code, or production inference data. Updates are optional, customer-approved, signed where available, and installable through the customer’s own change-management process.This position depends on four operating principles:
- Customer-controlled data handling by default: Production inference traffic stays in the customer environment.
- Production operation under customer control: The API Gateway and Inference Runtime operate under the customer’s operational control.
- Customer-controlled deployment cadence: The customer chooses when to approve and deploy new versions.
- Customer-controlled access: Subconscious support access is optional, customer-approved, time-bound, and logged.
Shared responsibility model
Subconscious and the customer share responsibility for a secure deployment.Subconscious responsibilities
Subconscious is responsible for:- Secure development of Subconscious software.
- Release integrity for distributed software artifacts.
- Release notes, version metadata, and update communication.
- Security patch development and disclosure.
- Documented deployment guidance.
- Support for installation, configuration, troubleshooting, and upgrades.
- Clear documentation of optional telemetry or support access.
Customer responsibilities
The customer is responsible for:- Cloud account security.
- Ownership and administration of the Kubernetes cluster.
- IAM, access control, and identity integration.
- Network configuration, ingress, egress, and firewall rules.
- GPU provisioning and capacity planning.
- API Gateway and Inference Runtime monitoring, alerting, and incident response.
- Backups and retention for customer-managed data stores.
- Final ownership of vulnerability scanning and continuous monitoring in the customer environment.
- Change management and approval of new releases.
- Internal rollout to engineering users.
Joint responsibilities
Subconscious and the customer work together on:- Deployment planning.
- Security review.
- Kubernetes cluster configuration for the Subconscious Helm chart.
- API Gateway and Inference Runtime configuration.
- Initial route and endpoint setup.
- Performance validation.
- Vulnerability scanning setup, scan result review, and remediation planning.
- Continuous monitoring setup and operational review.
- Upgrade planning.
- Automatic update pushes when the customer chooses that assisted self-managed mode.
- Incident investigation when customer-approved support is needed.
Data handling
For customer-hosted production deployments, Subconscious is designed so customer data remains inside the customer environment. The following should remain in the customer’s cloud unless the customer explicitly chooses to share it:- Source code.
- Prompts and completions.
- Inference requests and responses.
- API keys and user records.
- Runtime logs.
- Application logs.
- Operational metrics.
- Customer-specific route configuration.
- Customer repositories.
- Customer source code.
- Customer prompts or completions.
- Customer production logs.
- Customer cloud credentials.
- Customer databases.
- Customer identity provider data.
Telemetry
Customer-hosted deployments should be configured with no customer data telemetry by default. If telemetry is enabled, it should be:- Explicitly opt-in.
- Documented before activation.
- Limited to the fields required for the stated operational purpose.
- Configurable by the customer.
- Disabled through the customer’s own deployment controls.
Support access
Subconscious does not require persistent access to the customer’s cloud environment. Support access, when needed, should follow the customer’s access policy. Common support models include:- Live screen-share sessions where the customer drives.
- Customer-approved temporary access.
- Break-glass access for urgent issues.
- Time-bound cloud console access.
- One-time credentials issued by the customer.
- Customer-provided logs or diagnostics exported from the customer’s own tools.
Release and update controls
Subconscious releases are intended to fit into the customer’s change-management process. Customers should be able to:- Review release notes before deployment.
- Review version metadata and artifacts.
- Approve updates before they are installed.
- Choose automatic or opt-in update policies.
- Schedule maintenance windows.
- Roll back when needed.
- Maintain control over production deployment cadence.
Software supply-chain assurance
Because Subconscious software runs in the customer environment, the primary security review focus is software supply-chain assurance. During evaluation, Subconscious can provide or work toward providing a security assurance packet that includes:- Architecture overview.
- Data-flow diagram.
- Shared responsibility matrix.
- Release notes.
- Signed containers, Helm charts, binaries, or checksums where available.
- Software bill of materials for releases where available.
- Vulnerability scan results for images and packages.
- Dependency management process.
- Secure development lifecycle overview.
- Release approval process.
- Incident disclosure policy.
- Support access policy.
- Optional offline or air-gapped installation guidance.
- Customer-controlled update process.
Vulnerability management
Subconscious is responsible for addressing vulnerabilities in Subconscious-maintained software artifacts. The expected vulnerability management process includes:- Vulnerability scanning of release artifacts.
- Dependency monitoring.
- Prioritization based on severity, exploitability, and customer exposure.
- Security patches for affected supported versions.
- Customer notification for material security issues.
- Release notes or advisories describing the remediation path.
Offline and restricted environments
Some customers may require restricted network access, private registries, or offline installation paths. Subconscious can support deployment planning for environments that require:- Private container registries.
- Customer-managed artifact mirrors.
- Restricted egress.
- Customer-controlled update promotion.
- Air-gapped or semi-air-gapped workflows.
- Internal vulnerability scanning before deployment.
Hosted trials and production deployments
Subconscious may offer hosted trials or model comparison trials before a customer-hosted production deployment. Hosted trials are separate from customer-hosted production deployments. A hosted trial may be useful for evaluating model quality, agent compatibility, or workflow fit, but it should be assessed under its own security and data-handling terms. For production customer-hosted deployments, the API Gateway and Inference Runtime are deployed in the customer’s cloud and governed by the customer-controlled model described in this document.Security review materials
During evaluation, Subconscious can provide the following materials to support customer security review:- Customer-hosted architecture memo.
- Data-flow diagram.
- Shared responsibility matrix.
- Software supply-chain controls summary.
- Release and update process.
- Vulnerability management summary.
- Support access policy.
- Telemetry statement.
- Deployment guide.
- Security and vendor risk FAQ.