Thoriad is our internal platform for governed citizen automation. Staff describe what they need, AI drafts it, it runs in a locked-down sandbox — and it’s promoted to production only after a human reviews it.
Features
The controls are enforced by the platform, not left to the person writing the code — so citizen automation stays safe by default.
Three-tier scanning: regex, semantic AI, and third-party integration. Catches credit cards, PII, API keys, and proprietary data before it leaves your perimeter.
Five roles, 23 permissions, SCIM v2 provisioning, JIT from your IdP. Your existing identity stack works out of the box.
SHA-256 hash-chained events across 32 event types. Dual-write to hot queryable storage and cold archive. Tamper-detectable by design.
Drafts run in isolated Linux containers with no network unless policy allows it. Credentials are brokered, so user code never holds a secret, and every egress is DLP-scanned.
Every model call routes through an AI Gateway with per-team token quotas and spend caps. One place to see usage — no surprise bills, no shadow accounts.
Cloudflare Workers, Durable Objects, D1, R2, KV. Zero cold starts, 300+ PoPs, no servers to manage.
Architecture
Zero cold starts. 300+ locations. No servers.
How it works
Staff describe the automation they want in plain language. AI drafts the code — no engineering ticket, no waiting.
Every draft executes in an isolated sandbox with DLP, brokered credentials, and policy checks. User code never holds a secret.
Nothing reaches production until a human approves it. Hash-chained audit and SIEM export give oversight the full record.
FAQ
Jupyter and Colab are excellent for research, but they run wherever the person runs them, with whatever credentials that person holds. Thoriad puts governance in the substrate: DLP scanning on every execution, RBAC with granular permissions, hash-chained immutable audit, and policy-driven sandboxing. Citizen automation stays safe by default instead of by hope.
Yes — that's the point. Staff describe what they need, AI drafts it, and it runs in a locked-down sandbox. The controls that used to require an engineer in the loop are enforced by the platform, so more of the team can build safely.
All model calls go through an AI Gateway with per-team token quotas and spend caps. Usage is consolidated into one place with full visibility, so there are no surprise bills and no shadow accounts.
On our own edge infrastructure — structured data, object storage, and session state, with region hints to prefer specific geographies. Sandbox containers are isolated by default, credentials are brokered rather than handed to user code, and every egress is DLP-scanned.
Automations are platform assets, not personal scripts. They can be spun up, persisted, and resumed by the team, and every version is in the audit trail — so there's no key-person risk and nothing walks out the door.
Request access for your team, or talk to the platform team about joining the internal pilot.