By Parousia Group · HRB v3.0 · Sovereign by design New · DevKosher 17.5.2 — post-quantum routing for AI Gateway

The sovereign platform
for serious engineering teams.

Source control, AI review, pipelines, and compliance — engineered for organizations that own their code, their keys, and their region.

Start free Try DevKosher AI
Free for 5 collaborators · No credit card · 6 sovereign regions
parousia-team.devkosher.com / dashboard
Active projects
247
↑ 12
Open MRs
38
↓ 5
Pipelines / 24h
412
98.5%
AI calls
1 284
↑ 22%
Pipeline volume — last 30 days EU-FRA-1 · 99.99% SLA
Trusted across Parousia Group · 5 500+ collaborators · 6 sovereign regions
ISO 27001:2022 SOC 2 Type II PCI DSS L1 GDPR · eIDAS QTSP NIST 800-53 Rev 5 FIPS 140-3
Source control

Git that thinks like a security team.

Every push is signed. Every branch is policy-bound. Every artifact carries a SLSA Level 3 attestation and a tamper-evident SHA-512 hash in the audit chain. You don't read about compliance in a slide deck — you read it in the commit history.

  • Signed commits enforced at branch protection (Ed25519 + eIDAS qualified seals)
  • Tamper-evident audit chain with cryptographic linkage — court-exportable
  • SBOM and SLSA attestation generated on every artifact, signed via Sigstore
  • Open data export, anytime, in a documented format — no lock-in
parousia/devkosher-core · main commit db7f2e8 
 commit db7f2e8                12 min ago
   fix: PII leakage on Mistral bypass path
   Signed-off-by: Joel Basila <joel@parousia>
   ⌅ Ed25519 signature verified
   ⌬ eIDAS qualified seal · QTSP Parousia
   ⛌ SLSA L3 attestation · in-toto
   ⛢ SBOM · 412 components · CycloneDX
   ↯ audit chain · 0xa3b8…7f2e
DevKosher AI
Claude Opus 4.6
review !248 — focus on Mistral routing leakage

🔴 High · token leakage risk
In routeToMistral() the pii_bypass=true flag sends prompts unscrubbed when used outside allow-listed tenants.

🟠 Medium · audit gap
Mistral path doesn't write to ai_request_log when status ≠ 2xx.

Generated · 412 ms · sovereign EU-FRA-1 · 0 retention
DevKosher AI

A code assistant your CISO already approved.

DevKosher AI routes every request to Claude, Mistral, or Llama within your sovereign region. The PII filter is on by default. Retention is zero by default. Bypass requires a per-tenant grant in the audit log.

  • Sovereign routing · request never leaves your region or isolation perimeter
  • PII filter enforced at the gateway · token scrubbing · no embedding retention
  • Per-tenant model policy · pick Claude, Mistral, Llama, or your own endpoint
  • Full traceability · every AI call lands in ai_request_log with prompt fingerprint
Platform

Everything a developer platform should be — nothing it shouldn't.

No surprise vendor lock-in. No hyperscaler dependency. No bait-and-switch pricing on capabilities your engineers need to ship.

Post-quantum hardened

TLS 1.3 with ML-KEM-1024 hybrid. FIPS 140-3 cryptographic modules. Customer-managed encryption keys via Thales Luna HSM.

Six sovereign regions

EU-FRA · EU-PAR · CA-EAST · AF-WEST · US-EAST · APAC-SG. Active-active replication with sub-60-second RPO.

SLSA Level 3 pipelines

Hermetic builds, non-falsifiable provenance, isolated runners. Native cosign, Sigstore, in-toto attestations.

Continuous compliance

ISO 27001:2022 · SOC 2 Type II · PCI DSS L1 · GDPR · NIST 800-53. Posture exportable to your audit committee.

Migrate in an afternoon

Importers for GitHub, GitLab, Bitbucket, Azure DevOps. Repos, issues, MRs, pipelines, secrets — all preserved.

Open by design

Documented data export anytime. Standard Git on the wire. OpenAPI on the control plane. We never hold your data hostage.

"
We moved 247 repositories and 5 500 collaborators off two hyperscaler platforms in a single quarter. The reason wasn't features — it was that our auditors could finally see what was happening to our code.
JB
Joel Basila
CEO · Parousia Group

Start your sovereign workspace.

Free for 5 collaborators, unlimited repositories. No credit card. Upgrade when your team does.

Create a workspace Talk to a sovereignty engineer