Skip to main content

Self-Hosted (Preview)

Status: Preview

Private preview

Control Zero Self-Hosted is available in private preview for organizations with strict data residency, air-gap, or compliance requirements. Detailed deployment, operations, and CLI documentation will be opened to the public alongside the GA release.

What is Self-Hosted

Same product, your infrastructure. Control Zero Self-Hosted runs the full Control Zero stack inside your network boundary: gateway, policy engine, audit store, dashboard, and admin CLI. No request leaves your VPC.

The SDK and gateway code are identical between Cloud (SaaS) and Self-Hosted. Only the dashboard URL and audit destination change. A team that starts on Cloud can move to Self-Hosted later without rewriting agents.

When to choose Self-Hosted

  • Regulated industry: healthcare, finance, government, defense
  • Data residency: every byte must stay in a specific region
  • Air-gap: infrastructure has no internet access
  • Sovereign cloud: national cloud provider that prohibits external SaaS
  • Strict procurement: security review forbids third-party SaaS for AI governance

If none of the above apply, Cloud (SaaS) is faster to start, free to try, and the recommended path.

Capabilities

Self-Hosted ships the same surfaces as Cloud:

  • Gateway proxy for LLM traffic
  • SDKs for Python, Node.js, Go
  • MCP server, browser extension, coding hooks, Shadow AI Scout
  • Locale-aware DLP
  • Dashboard for policy management, projects, members, usage limits
  • Compliance reports

Plus self-hosted essentials:

  • Offline license validation, no phone-home
  • Admin CLI for installation, upgrade, rollback, backup, restore, key rotation
  • Self-managed authentication backed by your database (SSO/SAML supported)
  • Anti-tampering with configuration integrity monitoring
  • Internationalized dashboard (English + Korean built in, extensible)

How to evaluate

Self-Hosted is currently distributed under a private preview agreement.

  1. Talk to us. Email team@controlzero.ai with a short summary of your use case, scale, and timeline.
  2. Receive a preview package. A license key, deployment artifacts, and a private documentation portal.
  3. Run preflight, install, run postflight. Most teams reach their first governed call within an hour.
  4. Stay close during preview. We work with preview teams directly during the early-access window.

When Self-Hosted reaches GA, the full deployment guide, operations runbooks, CLI reference, security hardening guide, and upgrade procedures will be opened to the public. For now, deep documentation is gated to preview customers.