Gateway APIPrivacy-Max SidecarOn-Prem (Enterprise)Powered by QEIv15™

Deployment

X-40™ is an infrastructure layer. The goal is simple: govern what gets auto-shipped and what must be verified. Deployment is flexible because real organizations have different privacy boundaries, latency budgets, and provider stacks.

1) Gateway API (fast adoption)

Best for teams who want a single control point: your app sends a request to X-40™, and X-40 returns a policy decision (ACCEPT / REQUIRE_VERIFICATION) plus indices and reason codes.

How it works (process)

You route a prompt + model configuration (or a model response) to X-40™.

X-40 evaluates behavioral trace signals and (optionally) QEIv15™ evidence anchors via ResearchCore.

X-40 returns a deterministic policy decision with reason codes (e.g., drift alert, unknowns enforced, forbidden output).

Your system either auto-ships (ACCEPT) or escalates (REQUIRE_VERIFICATION) to a human or secondary workflow.

Typical users: enterprise copilots, customer support automation, finance research assistants, legal/compliance workflows.

2) Privacy-Max Sidecar (strict boundaries)

Best for regulated teams: you call your model inside your own environment, then send X-40 only what you choose to share. This avoids “content custody” and still provides governance decisions and audit signals.

How it works (process)

Your system calls the LLM/ML model directly (OpenAI or another vendor).

You send X-40 minimal telemetry: output text (or hashes), confidence signals, refusal markers, drift indicators, etc.

X-40 applies governance: dual-evidence where available, and deterministic envelopes (unknowns/attack/math) as configured.

You route outcomes: accept, verify, redact, or escalate — inside your compliance boundary.

Typical users: law firms, compliance teams, healthcare admin tooling, finance institutions with strict data boundaries.

3) On-Prem Container (enterprise delivery)

Best for enterprises requiring internal deployment. X-40 runs inside the customer environment, integrated with their security posture, logging, and network controls.

How it works (process)

We deliver X-40 as a containerized package for enterprise environments.

The customer configures provider keys and selects deployment mode (gateway or sidecar) based on data policy.

We calibrate baselines and profiles to the customer’s prompt classes and risk policies (your workloads, not generic demos).

X-40 produces governance decisions + audit logs inside the enterprise boundary.

Typical users: large enterprises, regulated industries, internal AI platforms, teams requiring vendor risk controls.

What a buyer needs to know

Do you have to customize it for every client?

Most of the work is baseline calibration and policy profile selection, not code changes. Different organizations have different prompt classes (finance summaries vs legal drafting vs support replies). We tune baselines and thresholds to match those classes and desired risk posture.

Does it only work with one LLM?

No. When token-level telemetry is available, X-40 can run in Trace Mode. When it is not, X-40 can run in Sidecar Mode. Governance remains consistent while providers/models change.

Commercial model (overview)

X-40™ is licensed as a governance layer: customers pay for governed runs (policy decisions) or for an enterprise deployment package. Exact pricing depends on scale, deployment mode (hosted vs on-prem), and support requirements.

Hosted API: subscription tiers with run allowances + rate limits + onboarding.
Enterprise On-Prem: annual license per environment with SLA/security support.
Baseline onboarding: calibration per prompt class/workload profile (recommended for production).

Request Access / Quote See Integrations

Recommendation: We can add a dedicated “Licensing” page once you decide whether to publish exact tier prices publicly or keep pricing behind first contact (common for enterprise governance products).