◆ Under SwarmForge

What lies under SwarmForge

An architecture designed for the constraints of regulated professions — multi-agent orchestration, secured edge, native compliance. No marketing copy here: if you want to verify, NDA inspection is open.

Architecture & Orchestration

An asynchronous orchestrator that coordinates specialised AI agents via orchestrated workflows and long-running cycles — on your premises, with no cloud transit.

The orchestrator distributes work across specialised agents — extraction, verification, drafting, quality control, archiving. Every tenant runs in a strictly isolated execution scope: task queues, model sessions, caches, and quotas never share state. A dynamic agent-binding layer connects agents to external sources (files, CRM, document management, business databases) declaratively — adding a source requires no platform redeployment, and every access is gated by an explicit per-tenant policy. For workflows spanning several days — notarial signatures, adversarial assessments — the platform models each business step explicitly, with native resumption and no state loss.

multi-agent orchestrationorchestrated workflowslong-running cyclesmulti-tenant

Edge & Cryptography

SwarmBox — the secure bridge between centralised AI and physical environments. Our secure proprietary protocol, modern cryptographic primitives, a TPM 2.0 hardware anchor.

SwarmBox connects the orchestrator to field equipment — IoT sensors, on-premise scanners, document-capture stations. Each box has a hardware identity anchored in a TPM 2.0: the key pair is generated inside the module and never leaves it. Our secure proprietary protocol, auditable under NDA, uses modern cryptographic primitives to guarantee confidentiality, integrity, and replay protection — without relying on generic cryptographic libraries. A SwarmBox that has been physically tampered with triggers an attestation break on the TPM side: the box is isolated without manual intervention, and edge audit logs remain legally defensible.

SwarmBoxTPM 2.0secure proprietary protocoledge gateway

"For thirty years, I have seen too many platforms 'secured on top'. SwarmForge is designed the other way round: we start from GDPR, AI Act, audit, attribution. AI comes next, inside that frame. Security first, AI second."

Frédéric Aime, CTO & co-founder · 30+ years in industrial software security

Models

Local inference by default — quantised GGUF models on your hardware. Cloud allowed only on explicit policy. Integrated benchmarking on your real cases.

SwarmForge runs models locally by default, in quantised GGUF format, on your hardware. No data leaves the infrastructure during local inference; the marginal cost per request is zero. When a cloud model is justified, it activates only under an explicit access policy defined by the operator — PII masking is applied before any data crosses the boundary, and every call is recorded in the audit log. Our internal benchmarking surface evaluates every candidate model against your real documents and cases, not against a global academic average.

GGUFquantisationlocal inferenceper-vertical benchmarking

Compliance by construction

GDPR, AI Act and professional secrecy are architecture layers, not labels. Granular RBAC, automatic PII masking, immutable audit, daily adversarial testing.

RBAC is granular per tenant, role, workflow, and business action. Every access to sensitive data is explicitly governed: read access to a file does not imply export rights. The PII masker is the mandatory checkpoint for every payload sent to a cloud model — identifiers, names, addresses, and numbers are replaced by coherent tokens before transmission. The immutable audit covers 100% of decisions and is designed to be enforceable in GDPR or AI Act inspections. An adversarial testing pipeline runs continuously, independently of the product teams, to detect prompt injection, PII leaks, and privilege escalation — every result is gated by severity before any release.

RBACPII maskingimmutable auditGDPRAI Actadversarial testing

Sovereignty in numbers

A grid of verifiable numbers, each one fit to copy into a procurement file.

Local inference	100% by default (cloud on explicit policy)
Data outside infrastructure	None without RBAC approval
Audit coverage	100% of decisions, immutable audit
Hosting	France, Côte d'Azur, or on your premises
Local models	Local inference on your hardware (quantised GGUF models)
Cloud models	Enabled by explicit access policy — PII masked at the boundary
Native compliance	GDPR · AI Act · professional secrecy

These numbers are measured, not estimated. Yours will be too, during the pilot.

If what you have just read interests you, two doors:

Technical scoping → Inspection under NDA →

Are you a journalist, researcher, or partner? Press / partnership request →