skip to main content

← All one-pagers

Archetype C — Niche regulated enterprise

Syncanix for niche regulated enterprise

Maritime cybersecurity vendors, industrial-OT SOCs, and regulated identity platforms run a customer dashboard that is the product. Support is high-stakes — a missed alert is a vessel offline; a fumbled write is a regulator letter. They will not adopt an AI agent that lacks a per-tenant audit log, EU residency, or a credible on-prem path. Syncanix ships all three on day one — so the security review opens with "yes, show me the packet."

Who it is

  • EU-primary (Athens/Hamburg/Rotterdam/Tel Aviv/Oslo); 100–800 employees, $20M–$300M ARR; IMO 2021 / IACS / NIS2 / SOC 2 / ISO 27001 / HIPAA-regulated.
  • The post-auth dashboard IS the product; public docs portal usually absent; chat lives inside the dashboard.
  • SAML/SSO mandatory; single-tenant or per-customer-VPC common; air-gapped/private-cloud requested by ≥30% of pipeline.
  • Buyer: Head of CS / VP Product, routed through a CISO + General Counsel; 3–6 month cycle; $100k+ ACV.

The pain

  • High-stakes, low-volume support — per-seat AI bots are priced for SaaS volume, not SOC stakes.
  • Audit log is the product — a bot that doesn’t stamp its actions onto the customer’s audit log is inadmissible.
  • EU residency, on-prem, BYOK are non-negotiable RFP line items — US-only inference planes lose at security review.
  • Write actions on critical infrastructure require identity-attributable governance or they’re a P1 waiting to happen.

How Syncanix solves it

  • Audit log as a tier-one product surface — every read/write/model-call on an identity-attributable row (end_user.id → agent.run_id → tool.endpoint) with action_mode + dry_run_diff + idempotency_key + rollback.
  • EU data residency on day one — all data pinned to the EU region, documented in the data-flow diagram.
  • On-prem / private-cloud path — a single-tenant deployment runs in the customer’s own cloud environment without code drift.
  • BYOK + per-tenant KMS — on Enterprise the customer holds the key; Syncanix brokers the cipher, not the plaintext.
  • Compliance packet ready to ship — SOC 2 Type II in flight, ISO 27001 scoped, OWASP LLM Top-10 documented; MSA/DPA/AI-addendum/SCCs/BAA templates on hand.

The wedge

  • Per-tenant audit log + EU residency + on-prem path — all three, no asterisks, no "Q4 roadmap" caveat.
  • The security packet is the opening of the conversation, not the close.

Pricing path

  • Lands on the Enterprise tier — outcome-based per-resolution pricing with BYOK, Private MCP, SSO/RBAC, EU residency, on-prem option, named CSM.
  • Pilot starts on Growth/Scale against the post-auth dashboard surface before the Enterprise contract.