Technology
BlueUP is not a standalone product: it's an integrated three-layer platform designed so regulated organizations can adopt agentic AI without compromising security, compliance, or sovereignty.
Platform Architecture
```
┌─────────────────────────────────────────────────────────────┐
│ LAYER 3: GOVERNANCE & COMPLIANCE                            │
│                                                             │
│ ComplianceView               BlueUPALM (AML/DORA)           │
│ Continuous                   Banking-grade regulatory       │
│ monitoring                   compliance                     │
│ 96 controls                  Screening, AML, DORA           │
├─────────────────────────────────────────────────────────────┤
│ LAYER 2: SOVEREIGN EXECUTION                                │
│                                                             │
│ Rust financial engine        MCP / LLM Gateways             │
│ 162k journals/sec            Tool and model                 │
│ Native multi-GAAP            governance                     │
├─────────────────────────────────────────────────────────────┤
│ LAYER 1: ZERO TRUST REACHABILITY                            │
│                                                             │
│ BlueUP Connect               OpenZiti / NetFoundry          │
│ Identity-first               Identity-first connectivity    │
│ desktop client               Dark services by default       │
├─────────────────────────────────────────────────────────────┤
│ SUBSTRATE: CRYPTOGRAPHIC IDENTITY                           │
│                                                             │
│ Keycloak (humans) · SPIRE SVIDs (workloads)                 │
│ Biscuit Tokens (offline authorization)                      │
│ OPA (infra policies) · Cerbos (app policies)                │
└─────────────────────────────────────────────────────────────┘
```
Layer 1: Zero Trust Reachability
The fundamental principle: without a valid cryptographic identity, no data path exists.
Services have no public IP, don't respond to port scans, don't appear on Shodan. They only "exist" for authenticated identities with matching policy.
| Component | Function |
|---|---|
| OpenZiti | Open-source connectivity substrate: encrypted tunnels, dark services, service policy |
| BlueUP Connect | Desktop client showing users only their authorized services |
| Cryptographic identity | Every agent, service and human has a verifiable Ed25519 identity |
| Dark Services | No inbound ports, no public IP, invisible to the internet |
Technology Partner: NetFoundry
Our connectivity substrate is built on OpenZiti, the open-source platform developed by NetFoundry. As an official NetFoundry partner, we offer both self-hosted deployment and managed connectivity for customers who require it.
NetFoundry is backed by investors including Cisco Investments and works with partners such as Stellar Cyber and Intrusion on high-security environments.
Layer 2: Sovereign Execution
Business logic runs on controlled infrastructure with institutional-grade performance.
| Component | Function |
|---|---|
| Financial engine (Rust) | Multi-GAAP accounting (Sectoral, IFRS, Tax), 162k journals/sec |
| MCP Gateway | Governs which tools agents can invoke, by identity and policy |
| LLM Gateway | Controls access to language models, with human approval points |
| gVisor sandbox | Kernel-level isolation per agent and service |
Layer 3: Governance & Compliance
Continuous monitoring and regulatory compliance integrated by design, not bolted on.
| Component | Function |
|---|---|
| BlueUPALM | Banking-grade AML/DORA compliance: screening, incident management |
| ComplianceView | 96 controls aligned with NIST, ISO 27001, DORA and FINOS; automated collectors |
| OPA | Centralized access and infrastructure policy evaluation |
| Cerbos PDP | Contextual ABAC/RBAC authorization for business logic |
Identity Substrate
The entire system shares a unified identity model:
| Layer | Technology | Function |
|---|---|---|
| Humans | Keycloak OIDC/PKCE | Federated authentication without static passwords |
| Workloads | SPIRE SVIDs (Ed25519) | Rotating cryptographic identity per service |
| Authorization | Biscuit Tokens v6 | Capability tokens that a holder can attenuate offline, without contacting the issuer |
| Encryption | End-to-end mTLS | Mutual verification on every connection |
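To make the interplay of the identity substrate and the MCP Gateway concrete, here is an added, simplified Python model (not BlueUP code, and not Biscuit's real Datalog or signature layer): a workload presents the SPIFFE ID from its SVID plus a capability token whose appended blocks can only narrow rights, and a hypothetical gateway policy returns allow, deny, or a human-approval stop. The SPIFFE prefix, tool names and the `POLICY` table are constructed for the example.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Block:
    """Authority block grants tools; later blocks can only narrow the grant."""
    tools: frozenset = frozenset()           # grants, authority block only
    restrict_to: Optional[frozenset] = None  # attenuation: allowed tool subset
    max_amount: Optional[int] = None         # attenuation: monetary cap

@dataclass
class Token:
    subject: str          # SPIFFE ID taken from the workload's SVID (constructed)
    blocks: list

    def attenuate(self, **limits) -> "Token":
        # Offline attenuation: the holder appends a block without contacting
        # the issuer. Appending can only add restrictions, never widen rights.
        return Token(self.subject, self.blocks + [Block(**limits)])

    def allowed_tools(self) -> frozenset:
        allowed = self.blocks[0].tools
        for block in self.blocks[1:]:
            if block.restrict_to is not None:
                allowed = allowed & block.restrict_to
        return allowed

    def amount_limit(self) -> Optional[int]:
        caps = [b.max_amount for b in self.blocks if b.max_amount is not None]
        return min(caps) if caps else None

# Hypothetical gateway policy: which SPIFFE ID prefixes may call which tools,
# and which tools are human approval points regardless of the token presented.
POLICY = {
    "tool_allow": {"spiffe://blueup/agent/": {"ledger.read", "ledger.post_journal"}},
    "human_approval": {"ledger.post_journal"},
}

def decide(token: Token, tool: str, args: dict) -> str:
    """Gateway decision for one tool call: 'allow', 'deny' or 'needs_human_approval'."""
    permitted = any(token.subject.startswith(prefix) and tool in tools
                    for prefix, tools in POLICY["tool_allow"].items())
    if not permitted or tool not in token.allowed_tools():
        return "deny"                       # identity or capability missing
    cap = token.amount_limit()
    if cap is not None and args.get("amount", 0) > cap:
        return "deny"                       # exceeds an attenuated cap
    if tool in POLICY["human_approval"]:
        return "needs_human_approval"       # policy brake before execution
    return "allow"
```

An agent that delegates a narrowed token to a sub-task therefore cannot hand on more than it holds, which is the property behind the "Minimum Blast Radius" principle.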
Complete Technology Stack
| Layer | Technologies |
|---|---|
| Frontend | React, TypeScript, CSS Modules |
| Backend | Rust (Axum), Python (FastAPI), NATS JetStream |
| Security | OpenZiti, Keycloak, SPIRE, OPA, Biscuit Tokens, Cerbos |
| AI & Data | Vertex AI, MCP SDK, vLLM / Ollama (sovereign) |
| Infrastructure | Google Cloud, Kubernetes (Talos Linux), Terraform, Gitea Actions |
| Isolation | Cilium (network), gVisor (kernel), eBPF (observability) |
Design Principles
| Principle | Description |
|---|---|
| Identity as Perimeter | Security doesn't depend on server location, but on verifiable cryptographic identity |
| Dynamic Privileges | AI proposes, but OPA policies and human intervention act as security brakes |
| Minimum Blast Radius | A compromise in one agent never translates to a systemic breach |
| Compliance by Design | DORA, AML, AI Act and GDPR are architectural requirements, not add-ons |
| Data Sovereignty | Processing never leaves controlled infrastructure |
Want to dive deeper into the architecture?
Download our technical whitepaper on identity-first architecture for agentic AI.