The AI employee, built for your security team.
Deploy Diana across thousands of employees without compromising control. SSO, SCIM, audit logs, model routing, domain allowlists, custom DPAs - the guardrails your legal and security teams expect, without slowing down the people who just want to get work done.
Security is the foundation, not an add-on.
Every Diana plan already ships with the core safety layer. Enterprise unlocks the controls, reporting, and contractual commitments you need to roll out at scale.
Defense-in-depth by default
The Governor screens every message before it reaches the model, blocking prompt injection, data exfiltration, and off-policy requests in real time.
Per-employee credential isolation
Each user gets a walled-off Diana with their own encrypted credentials. Secrets are scoped to the moment of use - never exposed to the model or other employees.
Full observability
Structured audit logs capture every tool call, approval, and output. Stream events to your SIEM or export to S3 for long-term retention.
Admin controls
Everything IT, security, and legal teams ask about - in one workspace.
SSO & SCIM
SAML / OIDC single sign-on via Okta, Azure AD, Google, and JumpCloud. SCIM 2.0 provisioning keeps access in sync with your IdP.
Role-based access control
Workspace, team, and individual scopes. Decide who can run which tools, connect which apps, and approve which actions.
Domain allowlists & content policies
Restrict browser actions to approved domains. Define regex-based DLP rules to redact sensitive fields before they leave the workspace.
Model selection & routing
Pin specific foundation models per workspace. Route sensitive requests to on-region or dedicated endpoints. Disable models company-wide with one toggle.
Audit logs & task observability
Every action is reviewable - prompts, approvals, tool calls, results. Export to your SIEM or query via API.
Custom DPA & SLA
Mutual NDAs, enterprise MSAs, data processing addenda, and uptime SLAs negotiated to match your procurement bar.
Compliance
SOC 2 Type II
Annual audit against the Trust Services Criteria.
GDPR & CCPA
DPAs, subject access requests, and regional data residency on request.
HIPAA-ready
BAAs available for healthcare and benefits deployments.
Zero data retention
Prompts and outputs are never used to train foundation models.
A guided rollout, not a rip-and-replace.
Most enterprise customers are live within 14 days. Our team runs the deployment end to end, from security review to first production workflow.
Scoping call
Review your identity provider, security requirements, and the top workflows you want Diana to cover.
Security review
Share your vendor questionnaire. We reply within 48 hours with our SOC 2 report, DPA, and architecture documentation.
Guided rollout
A dedicated solutions engineer configures SSO, policies, and integrations, then runs a pilot with your first team.
Org-wide launch
We train champions, publish usage dashboards to your admins, and stay on a shared Slack for the duration of the contract.
Ready to bring Diana to your whole company?
Tell us about your stack and security requirements. We'll respond within one business day with a tailored plan and security packet.