Skip to main content

Security

Security that starts with on-premise

Enterprise automation touches sensitive systems. Exekra is designed so that workflow execution and automation data remain within infrastructure you control.

On-Premise
Deployment
TLS 1.3
Encryption
RBAC
Access Control
Audit Logs
Compliance

Self-hosted by default

The Hub, Runners, workflow execution, and stored credentials operate within your environment rather than Exekra-managed infrastructure.

Customer-controlled infrastructure

Exekra connects to databases and systems you manage. Customers are responsible for the security, configuration, and compliance posture of their own environments.

No shared execution environment

Workflows run on infrastructure you control. There is no multi-tenant execution layer and no shared customer runtime.

Built around least privilege

Credentials remain under customer control. Access can be restricted through existing enterprise security policies and role-based permissions.

Limited telemetry

The self-hosted platform is designed not to transmit workflow telemetry, execution data, or customer business data to Exekra under normal operation, except for limited license validation requests.

Security reviews and enterprise documentation

We can provide additional security and architecture information during procurement and enterprise review processes under appropriate confidentiality arrangements.

Security Principles

What we commit to, by design

Customer data stays customer data

Workflow execution data, credentials, logs, and business records remain within infrastructure controlled by the customer.

Minimal trust assumptions

Exekra is designed to reduce dependency on third-party infrastructure and external services for workflow execution.

Transparent architecture

Customers know where workflows run, where data is stored, and how components communicate.

How data flows

Workflow data stays inside your network

Every component on the execution path runs inside the customer boundary. The only outbound traffic is a signed, telemetry-free license validation request.

Customer network

Hub Server

Orchestration, RBAC, vault, audit

Desktop Runners

Workflow execution on your machines

Business Systems

The targets your workflows act on

Workflow definitions, credentials, execution logs, and business data all remain inside this boundary.

Only outbound traffic

Signed license validation

Telemetry-free license checks. No workflow data leaves the network.

Compliance & Procurement

Security that fits your compliance framework

Exekra is deployed within infrastructure controlled by the customer. Security controls, network policies, access management, monitoring, and data governance remain aligned with the organization's existing compliance framework.

The platform is designed to support organizations operating under regulatory, security, and internal governance requirements by keeping workflow execution, credentials, logs, and operational data within customer-controlled environments.

Available during enterprise evaluation

Enterprise security reviews
Architecture documentation
Deployment guidance
Security questionnaires

Provided under appropriate confidentiality arrangements.

For compliance and security inquiries, contact [email protected].