State Your Intent
AI Proposes Action
You Decide
DropOps delivers AI-powered infrastructure operations through lightweight agents that connect to local DropOps services. Manage your systems in natural language — the AI proposes, you approve, the Operator executes. Fully air-gapped. No standing privileges.
From message to execution — with you in control
Every command flows through a secure, human-gated pipeline. The AI reasons and proposes; you approve; the Operator executes on your infrastructure.
You send a message
Natural language or direct shell syntax. Describe what you need done — the AI figures out the rest.
AI Agent proposes an action
The DropOps AI Agent gathers context from your bound Operator and proposes a specific command or file operation with a full explanation.
You approve or deny
Every state-changing operation requires your explicit approval. No autonomous execution. AI proposes — you decide.
Sentinel pre-execution check
58 MITRE ATT&CK-mapped threat detectors analyze the command before it runs. Dangerous patterns are blocked even if the AI was manipulated by prompt injection.
Operator executes & Sentinel scrubs
The Operator runs the command on your infrastructure. Raw output is stored locally. Sentinel scrubs 36+ DLP patterns before any data leaves the Operator.
AI analyzes & responds
The AI reasons about scrubbed output, plans next steps, and presents results. Full audit trail retained locally via LFAA.
Bedrock principles, not toggleable features
Non-negotiable design constraints enforced at the system level — not policy documents or best-effort compliance.
Zero Standing Privileges
AI starts with zero permissions. Access granted only through explicit human approval, scoped to specific intents, revocable instantly. Operator permissions expire after 1 hour and reset to zero.
Fully Air-Gapped
No internet required. No external connections. All DropOps services run locally on your infrastructure. Nothing leaves your network.
Local-First Data Sovereignty
The Operator is the system of record. With Sentinel enabled (default), sensitive data is scrubbed before leaving the Operator. Full audit trail retained on your infrastructure under your control.
Mandatory Human-in-the-Loop
All state-changing operations require explicit human approval. No autonomous execution. AI proposes, you decide, then it executes. Responsibility, accountability, and intent remain human concerns.
Sentinel Bidirectional Security
Pre-execution blocks 58 MITRE ATT&CK-mapped dangerous commands before they run. Post-execution scrubs 36+ DLP patterns — credentials, IPs, PII — before any data leaves the Operator.
Cryptographic Security
Three-layer Operator authentication: API key + server certificate pinning + mTLS client authentication. AES-256-GCM encryption at rest, TLS 1.3 in transit, cryptographic commit hashes for audit integrity.
A single binary. Any Linux system. Any scale.
The Operator is a language and platform agnostic specification for AI-powered execution agents. The Go reference implementation ships as a single ~10MB binary with no dependencies.
Operator
The Go reference implementation. Runs on any Linux system. Fully air-gapped — no internet required. Runs as the user who started it and cannot elevate its own privileges.
- Shell execution (bash, sh, standard Linux commands)
- File operations with approval workflow
- Service management (systemctl, docker)
- Package management (apt, yum, pip)
- Browser-based terminal — no SSH required
Fleet Deployment
Deploy across thousands of systems with Fleet Device Link. A single install command registers Operators to your local DropOps services. Manage production, staging, and dev from a single interface.
- Fleet Device Link (up to 10,000 devices)
- All standard Operator capabilities
- Multi-operator binding
- Batch approvals across systems
Zero Standing Privileges
Intent-based policy execution with Zero Standing Privileges and Just-in-Time access. A two-role architecture ensures the AI starts with zero permissions and requests only what it needs, when it needs it.
- Zero Standing Privileges — starts with zero access
- 45+ pre-defined intent policies
- DENY-only permission boundary
- All permissions revocable through conversation
- 1-hour TTL with automatic reset
Operator Terminal — SSH without the attack surface
Browser-based CLI access to bound Operators. Chat with AI for guided workflows or use /run <command> for direct execution. No SSH keys. No VPN. No inbound ports.
| Aspect | SSH | Operator Terminal |
|---|---|---|
| Inbound Ports | Port 22 required | Zero inbound ports |
| Key Management | Distribute & rotate SSH keys | Single API key per Operator |
| NAT / Firewall | Requires port forwarding | Works behind any NAT |
| Client Software | SSH client required | Any web browser |
| Audit Trail | Manual logging setup | Built-in LFAA (automatic) |
| Threat Detection | None | Sentinel pre-execution blocking |
| Data Scrubbing | None | Sentinel filters sensitive output |
Built for regulated environments
DropOps exceeds NSA Zero Trust Implementation Guidelines in 6 of 7 pillars, addressing Discovery Phase ZIG, Phase One ZIG, and Phase Two ZIG (January 2026).
Government & Defense
Designed for federal environments with Zero Trust alignment to NSA ZIG. Veteran-owned small business (VOSB) eligible for set-aside contracts and GSA Schedule consideration.
- NSA ZIG Phase 1 & 2 alignment
- MITRE ATT&CK mapped detectors
- FedRAMP architecture aligned
- CMMC architecture aligned
- Air-gapped deployment
Healthcare (HIPAA)
PHI remains on-premises through Local-First Audit Architecture. PHI never leaves your infrastructure. Business Associate Agreement available.
- PHI detection & scrubbing (36+ DLP patterns)
- Local-First data retention
- AES-256-GCM encryption at rest
- Tamper-evident audit trails
- BAA available
Enterprise
Deploy across thousands of devices with Fleet Device Link. Integrate with existing SIEM, PAM, and identity infrastructure. Multi-operator binding for cross-system operations.
- Fleet deployment (up to 10,000 devices)
- SIEM integration (JSON/CSV/SSE)
- Industry-aligned DLP patterns
- mTLS with private CA
- Team management & shared Operators
NSA Zero Trust Implementation Guidelines Alignment
| ZIG Pillar | Status | DropOps Implementation |
|---|---|---|
| 1. User | EXCEEDS | Human-in-the-loop for all operations, JIT access with 1-hour TTL, UEBA with quantified risk scoring (0–100), behavioral anomaly detection |
| 2. Device | EXCEEDS | Device Link, Fleet Device Link (10,000+ devices), system fingerprinting, mTLS with certificate pinning, CRL-based revocation |
| 3. Application & Workload | EXCEEDS | Sentinel pre-execution threat detection (58 MITRE ATT&CK-mapped patterns), CI/CD security scanning, zero standing privileges |
| 4. Data | EXCEEDS | Sentinel bidirectional protection, 36+ DLP labels, Local-First Audit Architecture, industry-aligned DLP patterns |
| 5. Network & Environment | COMPLIANT | Fully air-gapped, mTLS with private CA, network segmentation via Kubernetes, zero external dependencies |
| 6. Automation & Orchestration | EXCEEDS | Zero Standing Privileges with two-role separation, Sentinel automated threat blocking (SOAR), 45+ intent policies, 1-hour TTL |
| 7. Visibility & Analytics | EXCEEDS | SIEM-ready audit exports (JSON/CSV/SSE), MITRE ATT&CK technique IDs on all threat signals, 58 pre-execution detection patterns |
Ready to see it in action?
Contact us for a demo. Fully air-gapped. No external dependencies. Full human control from day one.