Provenance by default
Every conclusion traces to its evidence. No black box to explain away to a regulator or a partner.
Trust & security
Defensibility is the feature.
The page the GC and the security reviewer reach first. Security posture, data handling, and the invariant the whole product rests on: evidence anchors every conclusion — and never feeds ranking.
Every conclusion traces to its evidence. Evidence anchors what survives — and never feeds ranking.
Knowledge and preference, kept apart
What Crift knows and what Crift prefers are kept strictly apart — it can't talk itself into a convenient answer, because recall is never swayed by what it would like to conclude. Evidence anchors what survives, and never feeds ranking.
A forensic record
The staging surface persists as the forensic record — nothing is destroyed, and every proposal carries a terminal status: approved, merged, rejected, promoted, demoted. Defensibility is the feature.
Tenant-isolated, and yours
Built multi-tenant and enterprise-grade from the ground up. Your field, your data, and your reasoning stay isolated and yours — deployable into your own database when you require it.
One envelope, one gate
Every action resolves through a single execute envelope with a dry-run ratification gate. Access enforcement is non-negotiable on every call, with no bypass.
Control transferred to you is trust you don't have to extend to us.
Your database, your keys, your perimeter — and zero standing access in between. Every claim below is a checkable measure a CISO can verify on the merits, not a reassurance to take on faith.
The front door is the proof there's no back door.
Your data never enters our custody. Our logic enters yours.
The stack it runs on
Crift's reasoning runs on a real stack. We name it because the stack is part of the posture.
Infrastructure
Microsoft Azure
Infrastructure, Static Web Apps, and the product's SQL Server.
Reasoning models
Anthropic — Claude
The reasoning models: Sonnet across the pipeline, Opus for final selection and reduce, Haiku for scoring, Fable available.
Embeddings
Voyage AI
Embeddings for the retrieval substrate.
SOC 2 and the formal compliance pack are in progress. Ask and we'll share where we are and our timeline.
Questions, answered.
Where does my data live?
In your own tenant — isolated and access-enforced, and deployable into your own database when you require it. We don't sell your data, and we don't share it except to operate the service through the sub-processors named on this page.
Does evidence influence the model's preferences?
No. Evidence anchors every conclusion but never feeds ranking — the activation-free invariant. What the engine knows and what it would prefer to conclude are kept apart.
Is there an audit trail?
Yes. The staging surface persists as a forensic record — nothing is destroyed, and every proposal carries a terminal status: approved, merged, rejected, promoted, or demoted.
Can the vendor get into my environment?
There is zero standing vendor privilege — absent an event you initiate, there is no vendor path in. When help is needed it is just-in-time break-glass: customer-triggered, scoped, time-boxed, and fully logged. And the app can't mint a backdoor login, because creating one needs securityadmin/sysadmin, which you never grant.
Does my data leave my environment?
Your data never enters our custody — our logic runs inside your perimeter. You own egress with default-deny-and-log, and a zero-egress air-gapped tier is available where nothing leaves at all. The AI-enabled tier sends content to named, allow-listed model providers on zero-retention terms; egress is bounded and inspectable, so you can read every byte before it crosses the boundary.
What about SOC 2 and compliance?
SOC 2 and the formal compliance pack are in progress. Ask and we'll share where we are and our timeline.