Cybersecurity-as-a-Service

The SAIC Platform

A standards-based, post-quantum resistant cryptographic key management protocol with fine-grained AI policy control. The same enforcement model applies everywhere your data moves. One platform for every use case — from emails to data lakes, IoT devices to cloud workloads.

Request a Demo API Documentation
Jump to: Monitor ·Key Management ·Governance ·Audit & Compliance ·API ·Integrations · Developer Tools ↗
Zero
Keys stored server-side
3 lines
To integrate
7 SDKs
Languages & platforms
One model
Every channel

Real-Time Monitoring

Your security command centre

A unified dashboard with real-time visibility into every encryption operation, AI-detected anomaly, and compliance signal — so teams can spot issues early and contain them before they spread.

Centralised Dashboard

Active keys, operation volumes, compliance scores, and anomalies — with drill-down by product, team, and data classification.

Severity-Prioritised Alerts

AI triages and escalates by severity (Critical / High / Medium). Routes to email, Slack, or PagerDuty with response tracking.

AI-Powered Recommendations

Surfaces keys to archive, policy gaps, and configuration fixes — each with impact and a suggested next step.

Platform Architecture

Two engines, one unified platform

SAIC combines a post-quantum cryptographic PaaS with an AI-driven policy PaaS, operating above the transport layer to protect applications and data at their foundational level — limiting blast radius when something goes wrong.

01 Post-Quantum

Cryptographic PaaS

Post-quantum resistant engine operating above the transport layer — securing applications and data at the foundational level. Built on NIST-approved standards from day one.

PQ Crypto Engine
Standards-based post-quantum key generation
User Management
RBAC: HumanUser, DeviceUser, ExternalUser
Decentralised Key Management
On-demand computation, zero server-side storage
Policy Engine
Time, geo, access count constraints
Cryptographic agility
Evolve algorithms as standards change — without redesigning your apps
NIST
Approved standards
PQ
From day one
0
Keys on any server
02 AI-Driven

AI Policy PaaS

Distributed AI and machine learning engine providing policy-based malware prevention and privacy-enhanced federated learning.

AI Engine
Malware Prevention
Federated Learning
Anomaly Detection
Fused signals
Adaptive ML
Automated playbooks

Where SAIC Operates

ISO 7-Layer Model — unlike transport-layer encryption (TLS/SSL), SAIC protects data at rest, in transit, and in use

L7 Application
SAIC operates here
L6 Presentation
L5 Session
L4 Transport
TLS/SSL only
L3 Network
L2 Data Link
L1 Physical
AI Engine — portal.scipherx.com
ScipherX SAIC AI Engine showing org-wide templates, geo-fencing, and policy playbooks

The SAIC AI Engine — live portal view

How SAIC is built

Cryptographic isolation

Each operation uses minimal key material — no global keys reused across contexts.

Revocable encryption

Withdraw access after data is shared — unlike static email attachments or file links.

Cryptographic agility

Swap algorithms as standards evolve — see our white papers for the architecture.

Breach containment

Security is not only confidentiality — the design limits how far a compromise can spread.

Channel-agnostic

One protection model across email, files, APIs, and internal workflows.

Decentralised Key Management

Zero keys stored on any server.
Ever.

SAIC isolates key material to each operation and context — no global keys reused across apps or tenants. The distributed architecture removes the single point of failure of traditional KMS: keys are computed on-demand and never persisted on any server.

On-demand key computation
Keys are computed at the moment they're needed, from distributed server shards. No server ever holds a complete key.
Standards-based PQ distribution
Built on NIST-approved post-quantum cryptographic standards, ensuring long-term security against quantum computing attacks.
DoS-tolerant distributed architecture
In practice, 2-3 servers are sufficient. Higher tolerance to denial-of-service attacks and server compromise.
Client-side operations only
Encrypt and decrypt in your app; ScipherX never sees plaintext. Keys arrive on a separate, policy-governed path so payloads and key material never meet on our servers.

Distributed Key Request Flow

1
Client Application
Initiates key request
2
Front Server S1
Routes request securely
3
Server S2 … Sn
On-demand key computation
4
Key Returned to Client
Never stored — used immediately
Standards-based secure channels between all servers
DoS TolerantPQ ResistantZero Storage

RBAC & Policy Engine

Granular control at every level

SAIC implements Role-Based Access Control with a rich constraint system — including revocable encryption so access can be withdrawn after data is shared, unlike static attachments or shared links.

User Roles

Administrator
All permissions
Admin
Owner
Encrypt, Decrypt, ACL management
Owner
Sender
Encrypt only
Sender
Receiver
Decrypt only
Recv
DeviceUser
Configurable per device
Device
ExternalUser
No fixed identity required
Ext

Policy Constraints

Time Limit

Set expiry windows — 30 min to 30 days. After expiry, access is automatically revoked without re-encryption.

dec_time_not_after: 7d
Access Limit

Restrict how many times a document can be decrypted. Prevent unlimited forwarding.

dec_max_calls: 3
Geo-Fencing

Allow or deny decryption by region for residency and compliance.

dec_loc_allowed: UK, EU
Keys — portal.scipherx.com
ScipherX Key Management console showing key inventory with tags, status, and access controls

Key inventory with full tag-based policy coverage

Constraint combinations

Policies travel with the data, not just the platform.

Developer-First

3 lines of code.
Enterprise-grade security.

The SAIC API hides sophisticated backend interactions — key generation, encryption, secure transmission, and policy enforcement — behind an elegant interface. Backed by robust enterprise infrastructure designed to handle the most critical data protection challenges.

Supported Languages & Platforms

C++ Python Java Node.js / TypeScript iOS (Swift) Android (Kotlin)
Get API Access Read White Papers

Using Claude, Cursor, or an AI coding assistant? → Explore SAIC MCP Access

saic_example.py 
import saic

# Initialise with 3 lines
client = saic.Client(api_key="your-key")
policy = client.policy(geo="UK,EU", expires="7d")
encrypted = client.encrypt(data, policy=policy)

# Decrypt — client-side only
# Server never sees plaintext
plaintext = client.decrypt(encrypted)
PQ-resistant encryption applied
Geo-fencing & time limits set

Minimal Code, Maximum Security — Fast, Scalable, and Secure

Usage Analytics — portal.scipherx.com
ScipherX usage analytics dashboard showing encryption operations, key lifecycle, and AI recommendations

Real-time usage analytics — track every encryption operation across all datasets

Integration & Compliance

Designed for your existing ecosystem

ScipherX SAIC integrates seamlessly with your existing IT infrastructure — no rip-and-replace, no complex migrations.

Email
Files
APIs
Workflows

Zero-Friction Integration

  • Connects to existing MSSP
  • Integrates with orchestration tools (Zapier, etc.)
  • No capital expenditure required
  • Subscriber-based pricing model

Compliance Built-In

  • GDPR compliance with geo-fencing
  • HIPAA-ready audit trails
  • ISO/IEC 27001 aligned
  • SOC 2 controls automated

Enterprise Scale

  • Internet-scale population support
  • Franchise model for global deployment
  • Multi-tenant B2B & B2C
  • White-label support
Compliance Reports — portal.scipherx.com
ScipherX compliance dashboard tracking GDPR, HIPAA, SOC 2, and PCI-DSS frameworks with automated evidence collection

Automated compliance tracking across GDPR, HIPAA, SOC 2, and PCI-DSS

Data Governance

Visibility into all your encrypted data.
Without ever seeing it.

SAIC's Governance layer gives your security team real-time oversight of every encrypted dataset across the organisation — access patterns, data lineage, risk signals, and dynamic controls — all without the platform ever processing plaintext.

AI Engine

Runtime policy adjustments, anomaly alerts, and enforcement — without re-encryption. The same engine can orchestrate approved client-side AI processing on your data (for example, summarisation) while keeping plaintext off ScipherX servers.

Policy & client-side AI

Key Request Visualisation

Pan-regional, multi-dimensional visualisation that keeps complex access activity legible — patterns and outliers surface before they become incidents.

Governance view

Dynamic Access Control

Revoke or grant access to encrypted data instantly — without re-encrypting. Shrinks the active access footprint when risk changes. Just-in-time access for privileged operations; AI recommends and operators approve or auto-enforce.

Instant revocation

Audit & Compliance

Tamper-proof. Always audit-ready.

Immutable audit logs with real-time streaming, AI-powered event correlation, and built-in compliance reporting for every major regulatory framework.

Audit Log Capabilities

  • Immutable, tamper-proof audit trail
  • Stream and filter by user, operation, key, IP, and location
  • AI-assisted correlation for faster investigations
  • SIEM export to your security analytics stack
  • Structured evidence for investigations and audits

Compliance coverage

SAIC is built to support compliance-oriented workflows: structured evidence, access lineage, and exportable reports your assurance teams can map to the obligations that apply to you. You remain responsible for interpretation, scope, and attestation — the platform supplies the operational record.

Examples of regimes the product surface is designed around

GDPRSOC 2 Type IIHIPAAPCI-DSS

Generate audit-ready documentation (for example PDF or DOCX) and stream events into your existing GRC or SIEM stack.

Read the research behind SAIC

Our technical white papers detail the cryptographic architecture, RBAC model, AI engine, and how cryptographic agility works as standards evolve — all on the SAIC platform.

View White Papers

Ready to build on SAIC?

Get API access and start protecting your application in minutes. Our team of cryptography experts will guide your integration.

Request API Access Explore Use Cases