Originally published at orquesta.live/blog/security-by-default-keeping-code-local-and-safe
The trend of moving everything to the cloud has brought many benefits, but it has also introduced significant security concerns, especially when it comes to handling sensitive code. With Orquesta, we’ve taken a different approach, prioritizing security by ensuring that your code stays local and within your control.
The Case Against Cloud Sandboxes
Cloud-based development environments offer convenience, but they also come with risks. When your code resides in a cloud sandbox, you inherently relinquish some control over its security. You trust the provider not only to safeguard your data but also to protect your intellectual property from unauthorized access.
Data Exposure Risks
Hosting code remotely means increased exposure to potential data breaches. Even with the most stringent security measures, cloud providers can be targets for attacks, and any vulnerability could compromise your code’s integrity.
Compliance Challenges
Many organizations must adhere to strict data privacy regulations. Storing code, especially sensitive business logic, on third-party servers can complicate compliance with regulations such as GDPR or HIPAA. Keeping code local simplifies these compliance challenges significantly.
Security Principles in Orquesta
Orquesta was built with security at its core, ensuring that your code never leaves your infrastructure. Here’s how we achieve that:
Local AI Agent
Our AI agent runs directly on your machine using the Claude CLI. This means every line of code generated or executed is handled locally. There’s no temporary upload to a cloud server, which eliminates a whole class of security vulnerabilities.
AES-256 Encryption
All sensitive data, including credentials and logs, is encrypted using AES-256. This encryption standard is widely recognized as highly secure, making it computationally infeasible for an attacker to decrypt without the correct key.
{
"encryption": "AES-256",
"data_type": "credentials, logs"
}
Full Audit Trails
Orquesta provides a complete audit trail for every operation: prompts, logs, diffs, and even costs. This transparency ensures that every change is traceable and accountable, and it helps in maintaining operational integrity and security compliance.
Quality Gates and Team Collaboration
Security isn’t just about protecting data—it’s also about ensuring quality and accountability in the development process.
Quality Gates
Before any code is executed, Orquesta simulates changes and requires a team lead to sign-off. This step acts as a quality gate, ensuring that only vetted changes are implemented, reducing the risk of errors and potential vulnerabilities.
Role-Based Permissions
With Orquesta, you can invite team members to collaborate without compromising security. Role-based permissions control who can submit prompts or approve changes, providing a layer of security that’s both flexible and robust.
Balancing Security and Usability
Security measures often complicate workflows, but they don’t have to. Orquesta strikes a balance by embedding robust security features without introducing friction in the development process.
Agent Grid
Our Agent Grid allows you to monitor multiple agents from a single screen, each with live terminal access. This feature not only enhances usability but also ensures that you can oversee every operation in real-time, spotting anomalies or unauthorized actions promptly.
Embed SDK
The Embed SDK allows you to integrate Orquesta into any web app with a single script tag. This ease of integration does not come at the cost of security; all the robust local execution and encryption features are inherently part of the package.
Conclusion: Security Through Control
Security by default is more than a feature; it’s a philosophy. By keeping code local and under your control, Orquesta provides a secure development environment that respects both your privacy and your need for flexibility. In an era where data breaches are increasingly common, this approach is not just prudent—it’s essential.
Top comments (0)