THE TRUST MODEL EVERYTHING LEFT OF THE LINE IS UNDER YOUR CONTROL
Your data center
Your team or agent sends — real data

Summarize the complaint from subscriber +90 543 417 88 21, account VF-C-88231, about the fiber outage in Kadıköy.

Text · Files · Images · Audio
Salus Engine
detect

tokenize

restore
vault & keys stay inside
tokens → ← response
Outside world
What the external AI sees

Summarize the complaint from subscriber PHONE_8f3a, account CID_4a2e, about the fiber outage in LOC_1d8c.

OpenAI · Claude · Gemini · Azure · Mistral · any OpenAI-compatible provider

The problem Salus solves#

Employees, applications, and AI agents are already sending sensitive data to external AI services. The two conventional responses both fail: blocking breaks the workflow and pushes usage into unmanaged channels, and one-way redaction destroys the context the model needs, so answers come back degraded.

Salus takes a third path. Sensitive values are detected inside your environment and replaced with typed, deterministic tokens — PHONE_8f3a instead of a phone number. The tokenized request goes to the provider, the provider writes its answer around the tokens, and Salus restores the original values inside your perimeter before the answer reaches the user. The workflow is unchanged and the answer is complete.

Where the intelligence runs#

The detection intelligence is a self-hosted PII model — it runs on your infrastructure and is allowed to see real values precisely because it operates entirely inside your environment. The external model that writes the answer receives tokens only. This division of labor is the core of the architecture: local intelligence manages sensitive data; external intelligence does the reasoning.

The token-to-value mapping lives in a vault inside your data center, envelope-encrypted under keys you control. Restore decisions, policy enforcement, and audit all happen on your side of the boundary.

Two ways to run it, one engine#

Salus ships as two products that share the same engine, vault, policy plane, and audit trail:

  • Salus Gateway protects the AI applications and agents you already run — browser AI, desktop AI apps, internal tools, and API traffic are routed through Salus before egress.
  • Salus Workspace is Salus's own AI client — a web and desktop app with the same protection built in natively, delegating each task to a suitable external model.

Neither is the lite option; most customers run both. Gateway vs. Workspace covers the distinction in detail.

You own the platform#

The entire platform — detection models, vault, keys, policy, and logic — deploys inside your environment and runs on your servers. Nothing phones home, and air-gapped operation is supported. Salus, the vendor, has no access path to your vault or your data.