New:System Graph 2.0See System Graph 2.0
Deployment

Customer-controlled execution for every environment

Zof generates governed test intelligence, packages signed capsules, and executes through customer-controlled runners, without requiring protected applications to call external AI services.

Book a secure deployment briefingExplore secure enclave
No inbound access required · No external model calls from protected networks · Signed test capsules

No inbound access required

No external model calls from protected networks

Signed immutable test capsules

Human approval for governed remediation

Reference architecture

Three planes. One governed execution model.

Intelligence and control stay where policy allows; execution stays inside your boundary. Sensitive data remains in the execution plane unless you approve egress.

Intelligence Plane

Governed test intelligence

Planning, generation, and prioritization run where policy permits, Zof Cloud, private cloud, or on-prem.

  • -System Graph and workflow understanding
  • -Risk prioritization and test generation
  • -Signed capsule assembly
  • -Remediation planning where permitted
  • -No direct execution against protected apps from external SaaS

Control Plane

Approvals and policy

Customer-governed layer for signing, scheduling, audit trails, and evidence routing.

  • -Human approval workflows
  • -Cryptographic signing and policy enforcement
  • -Capsule versioning and promotion
  • -Role-based access and SSO integration
  • -Audit-ready records for every action

Execution Plane

Customer-controlled execution

Tests run inside your infrastructure. Sensitive data stays inside unless you approve egress.

  • -Local edge runner execution
  • -Browser, API, and desktop validation
  • -Local evidence capture and redaction
  • -Optional sanitized or metadata-only egress
  • -No external model calls from protected networks at runtime

Secure enclave architecture

Intelligence and control operate outside the protected segment; execution and evidence stay inside via signed capsules and customer-controlled runners.

Approved planning zone

Intelligence Plane

Cloud, private cloud, or on-prem

Control Plane

Signed Test Capsule

Customer Transfer Boundary

Customer-controlled segment

Execution Plane

Enclave Gateway

Edge Runner

Target Applications

Local Evidence Store

Optional Sanitized Egress

Compare deployment models

Deployment modelWhere AI planning runsWhere execution runsInternet requirementData egress modelIdeal use caseSales motionPricing
Zof CloudZof CloudZof-managed or customer runnersStandard outboundCustomer-configuredCloud-native teams, lower-friction pilotsSelf-serve to enterprisePublished tiers + enterprise
Zof Private CloudDedicated private cloudCustomer-controlled runnersPolicy-controlled outboundLocal-first; optional approved egressRegulated industries, residency requirementsEnterprise salesCustom, contact sales
Zof Hybrid EnclaveCloud or private cloudEnclave gateway + edge runnersNot required in protected segmentLocal-only default; optional sanitizedBanks, insurance, internal-only appsSecure deployment briefingCustom, contact sales
Zof On-Prem Control PlaneCustomer data centerCustomer-managed runnersOptional / air-gapped supportedLocal-only typicalNo internet, strict residency, internal governanceArchitecture review requiredCustom, contact sales
Zof Local Edge RunnerPaired control planeBranch, factory, edge siteNot required for executionLocal evidence; optional syncDistributed sites, segmented networksAdd-on to enterprise deploymentCustom, contact sales

Secure deployment pricing depends on model, footprint, and implementation scope. View enterprise deployment pricing

Explore deployment options

Secure enclave

Signed capsules, enclave gateway, and local edge runners for segmented and restricted networks.

Private cloud

Dedicated Zof environment in a customer-approved region with stronger isolation and residency controls.

On-prem control plane

Customer-managed infrastructure for strict residency, air-gapped, or limited-connectivity requirements.

Local edge runner

Distributed validation at branch, factory, or edge sites, without exposing local systems to the internet.

Banking secure enclave

Governed validation for core banking workflows through customer-controlled execution and audit-ready evidence.

Next step

Plan your deployment with Zof

Walk through architecture, evidence controls, and a conservative pilot path with our deployment specialists.

Book a deployment briefingContact sales

Continue exploring

Architecture, industry solutions, pricing, and security review resources.

Secure Enclave

Signed capsules and customer-controlled runners for restricted networks

Learn more

Banking Secure Enclave

Governed validation for core banking workflows

Learn more

Enterprise Deployment Pricing

Private cloud, on-prem, enclave, and edge pricing

Learn more

Security Review Checklist

Procurement-ready deployment review checklist

Learn more
01The operational surface

One surface for posture, operations, and what needs attention next.

The Zof home is not a marketing dashboard. It is the operational surface engineering, QA, and SRE teams use every day, quality posture, in-flight runs, coverage by module, and the actions a leader should look at next.

OPERATIONAL KPIs

  • Runs
  • Coverage
  • Risk

Live across every environment you ship to.

WORK SPINE

  • Specs
  • Tests
  • Schedules

From specification to scheduled regression.

GUARDRAILS

  • RBAC
  • SSO
  • audit

Every action attributable to a named human.

STAGING · LIVE/home
Zof AI home command center showing 12 runs at 94% pass, 3 open critical issues, 84% coverage, four module traceability bars, the specification pipeline, upcoming schedules, and recommended next actions with an active-runs sidebar.
Home view · Checkout Service · Staging · captured live from the product.
  • 01 · RUNS · 24H

    94% pass

    12 runs across staging

  • 02 · COVERAGE

    84%

    Across four modules

  • 03 · ACTIVE RUNS

    3 running

    Live on this branch

  • 04 · NEXT ACTIONS

    Recommended

    Triage gaps, new spec

Zof AI Deployment Options, Secure, Private Cloud, On-Prem, and Edge