One purchase, not five vendors.
Five security capabilities and a private AI arrive as a single sealed unit — one procurement, one contract, one thing to accredit.
// on-prem · air-gapped · zero egress
For the organisations that can’t send their data to the cloud to secure it.
Five tools.
One black box.
One sealed on-prem appliance. Five production security tools and a private GPU AI, behind a single hardened console. Nothing phones home.
- 5
- Tools
- 0
- Cloud deps
- 100%
- On-prem
// the case for one box
Five capabilities. One line item.
One console, not five logins.
Your team runs the whole operation from a single hardened pane of glass — not five tools, five dashboards and five integrations to maintain.
One audit trail, not five attack surfaces.
Consolidating onto one sealed appliance means one hash-chain audit trail and one defended perimeter — instead of five separate things that can leak.
[ sealed unit — 5 tools + 1 gpu ai ]
Five tools. One console.
Every Onionio tool ships pre-installed, hardened and wired to a private GPU brain. Open the console — your full-spectrum security suite is already running.
OFFENSIVE ENGINE
Onion ROOT
Find it. Prove it. Patch it.
Scans your codebase, then uses local AI to separate real, exploitable flaws from the noise — and writes the proof-of-concept exploit and the patch for each one. You don’t get a backlog of maybe-bugs; you get proven vulnerabilities, already fixed.
Launch tool → DATA REDACTION
Onion Peel
Redaction that never phones home.
Detects and strips PII and sensitive data from documents, spreadsheets, slides and scanned images — on the device, every time. The sensitive material is removed before anything moves, and nothing is ever sent out to do it.
Launch tool → MALWARE AIRLOCK
Onion Gate
Nothing gets in unchecked.
Every file and USB entering the organisation passes through one gate — scanned by multiple engines, quarantined, PIN-gated and hash-chain audited before release. The dirty perimeter stops at the airlock, with a full evidentiary trail for your SIEM.
Launch tool → COMPLIANCE SCANNER
Onion Scope
See every layer.
Read-only collectors map your Active Directory, file shares, PKI and network, then score them against CIS v8, NCSC CAF, Cyber Essentials and NHS DTAC. You get the gaps, the fix for each — and the risk of making that fix — before the auditor finds them first.
Launch tool → SOVEREIGN AI
Onion Chat
Your AI. Your hardware. Your data.
A private LLM assistant running entirely on the appliance’s own GPU, grounded on your own data. Full AI leverage for your team, with none of the exposure — because the prompts, the data and the model never leave the box.
Launch tool →status: air-gapped // cloud_dependency: none
Engineered to be sealed.
5
Tools
0
Bytes egress
100%
On-prem
4
Frameworks
- DEPLOYMENT
- 100% on-prem · air-gapped capable · offline-first
- CLOUD EGRESS
- Zero by default — 0 bytes leave the appliance
- AI RUNTIME
- Local NVIDIA RTX-class GPU · Ollama · no third-party API
- SUITE
- 5 production tools + 1 private AI, one chassis
- CONSOLE
- Single hardened HTTPS console · one pane of glass
- TRANSPORT
- HTTPS via internal CA · reverse-proxied
- ACCESS CONTROL
- Role-based access control (RBAC)
- AUDIT
- Full audit trail · hash-chain integrity
- STORAGE
- Encrypted at rest
- COMPLIANCE
- CIS v8 · NCSC CAF · Cyber Essentials · NHS DTAC
- DATA SOVEREIGNTY
- Your hardware · your data · your control
- THIRD-PARTY API CALLS
- None required for core operation
// defence-in-depth · every layer
One pane of glass. Zero way out.
Five tools, one private AI, one console — and not a single byte’s path to the outside. Every layer is sealed, audited and owned by you.
Zero egress isn’t a promise — it’s the architecture. The appliance has no outbound path by default; every action is written to a hash-chain audit trail you can verify, and the unit runs fully with its link to the outside world disconnected.
class: on-prem // egress: 0 bytes
Built for the buyers who can’t leak.
Onionio is built for the organisations that carry the heaviest data and the lowest tolerance for a leak — where “send it to the cloud to be analysed” is not an answer you’re allowed to give.
Healthcare
When you hold patient data, every tool you use is a new place it can leak. The appliance keeps redaction, scanning and AI on-site — DTAC-aligned, air-gapped, and built so sensitive records never leave your control to be secured.
Built for healthcare → request a briefingGovernment
Sovereignty isn’t a feature here — it’s the requirement. Run offensive testing, compliance scanning and private AI inside your own perimeter, with zero external dependencies and a full audit trail mapped to NCSC CAF and Cyber Essentials.
Built for government → request a briefingEssential services
Critical national infrastructure can’t depend on someone else’s uptime, or someone else’s cloud. One sealed, offline-first appliance puts the entire security operation inside your fence line — and keeps it running whether the link to the outside world is up or not.
Built for essential services → request a briefing CIS CONTROLS v8NCSC CAFCYBER ESSENTIALSNHS DTAC
Mapped to the frameworks your auditors already use — CIS Controls v8 · NCSC CAF · Cyber Essentials · NHS DTAC — so the evidence is ready before they ask for it.
// for your security team
Answers before you ask.
Five tools in one box — isn’t that a single point of failure?
Consolidation reduces attack surface, it doesn’t concentrate it carelessly. Each tool is isolated behind the hardened console and RBAC; the chassis is sealed with zero outbound path. You replace five separately-exposed products and five integrations with one defended, audited perimeter you fully control.
If it’s air-gapped, how do the tools and the AI model get patched?
Updates ship as signed offline update media and are applied on-site — no outbound connection is ever required. You choose when to apply them, and every update is recorded in the same hash-chain audit trail as everything else.
What if Consult First Ltd disappears — do I own a brick?
You own the hardware and the data outright, and your data stays in open, portable formats on the unit. The appliance keeps running offline regardless, and nothing about its core operation depends on us remaining reachable.
How do you actually prove nothing leaves the box?
By default the appliance has no outbound path — it runs fully with its external link physically disconnected. Every action is written to a verifiable hash-chain audit trail, so “zero egress” is something your team can demonstrate, not just take on trust.
Does this fit public-sector procurement and our frameworks?
Yes. Output maps directly to CIS Controls v8, NCSC CAF, Cyber Essentials and NHS DTAC, so the evidence lines up with the frameworks your auditors already use. We support a scoping-and-pilot path that suits public-sector buying.
Who runs it day to day, and what support comes with it?
Your team runs everything from one console — no specialist cloud skills required. A briefing and scoping session sets it up against your environment, and support and warranty terms are agreed as part of the unit.
// how to get one
From enquiry to sealed deployment.
- 01
Request a briefing
A 30-minute technical briefing with your security team — no procurement commitment.
- 02
Scoping & framework mapping
We map the appliance to your environment and the frameworks you report against (CIS v8 · NCSC CAF · Cyber Essentials · NHS DTAC).
- 03
On-site pilot
Evaluate a sealed unit inside your own perimeter, against your own data, air-gapped.
- 04
Sealed deployment
The unit is deployed and handed over — your hardware, your data, your control, with support and warranty agreed.
Suited to public-sector procurement. Pilot units available for evaluation — typical briefing-to-pilot in weeks, not quarters.
Take the whole operation in-house.
One sealed appliance. Five tools, one private AI, zero egress. Own your defence — every layer.
> initialise sovereign security operation
Prefer email? Write to hello@onionio.co.uk.