Deployment ownership
AXOS is designed to run in infrastructure controlled by the customer or their appointed hosting partner.
Trust & security
AXOS is positioned for teams that need clear operational boundaries before they evaluate AI. This page summarises the controls and review areas that matter during a technical assessment.
AXOS is designed to run in infrastructure controlled by the customer or their appointed hosting partner.
Application data, uploaded documents, generated outputs, and logs stay inside the chosen deployment environment.
Production deployments should terminate HTTPS at the reverse proxy and use TLS for public service traffic.
AXOS supports role-based administrative patterns and is intended to sit behind customer identity and network controls.
Operational events, registration activity, and application failures should be logged for review and incident handling.
Security and procurement questions can be routed to ScotiTech for technical review before deployment.
For enterprise review, AXOS should be assessed with concrete deployment and operations evidence rather than marketing claims. These are the areas we recommend covering in a technical review.
Customer content should be processed only for the requested workflow and retained according to the deployment policy agreed with the customer.
Production deployments should include monitored health checks, container restarts, database backups, and documented rollback steps.
Security questions, DPA requests, SLA expectations, and support routes should be reviewed before any production rollout.
Security questions, vulnerability reports, and procurement requests can be sent to the contacts below. We aim to acknowledge security reports within two business days.
Last updated: June 2026