Security

Security claims should map to controls you can inspect.

TOW exposes concrete choices for cloud, self-hosted, or fully air-gapped operation, authentication, permissions, AI providers, review, and export.

Control surface

Controls across the workspace boundary.

Identity

Organisation authentication settings and OIDC provider integration.

Authorisation

Organisation roles, project visibility, restricted docs, and portal scopes.

AI

Provider configuration, BYOK options, full disable controls, and human review.

Data

Self-hosted storage choice, uploads, export paths, and administrator-managed backups.

Application

Security headers, safe external requests, secret handling, and scoped services.

Docker

Air-gapped operation

Operate the Docker Compose deployment and its dependencies without external network access.

Control point

Built by people who know critical environments.

TOW was built in Germany by security professionals with 20+ years of critical-security experience.

  • Precise control statements
  • Human-reviewed AI
  • Permission-aware context
  • Deployment choice

FAQ

Questions worth answering clearly.

Current product, deployment, and commercial boundaries.

Can TOW operate fully air-gapped?

Yes. A Docker Compose deployment can run fully air-gapped when TOW and every configured dependency remain inside the isolated environment.

Is TOW SOC 2 or ISO certified?

No certification claim is made.

Can administrators control AI providers?

Yes. Administrators can configure provider settings, use BYOK options, connect a locally reachable provider, or disable AI.

Does self-hosting make a deployment secure by itself?

No. The operating organisation remains responsible for infrastructure, proxy/TLS, secrets, identity, backups, monitoring, updates, contracts, and incident response.

See TOW in your environment

Bring work, knowledge, and review into one controlled workspace.

Product screenshot