Technology

Architecture built for environments where
compromise is not acceptable.

This page explains how Xyra works at a technical level — the decisions made, the reasons behind them, and what they mean for the organisations that deploy the platform. Every architectural choice reflects a single principle: the organisation deploying Xyra must remain in complete control, permanently.

Architecture

Air-Gapped by Design.
Not by Configuration.

Most security measures work by making unauthorised access difficult. Air-gapping makes it physically impossible. Xyra's analysis core has no network interface connecting it to the internet or any external system. There is no firewall to bypass, no VPN tunnel to intercept, no API endpoint to probe. The attack surface does not exist.

The system operates across two functionally and physically separate layers. The Collection Layer handles open-source data gathering on internet-connected infrastructure — it holds no classified information and performs no intelligence analysis. The Analysis Core receives data through a controlled, one-way manual transfer process. All AI processing, storage, querying, and report generation happen within this isolated environment. Nothing moves outward.

This architecture was chosen not as a compliance checkbox but because it is the only approach that gives a national security organisation genuine confidence that their intelligence corpus is inaccessible to foreign actors, commercial surveillance, or sophisticated cyber operations.

Collection LayerInternet-connected, no classified data, no analysis functions
Transfer ProtocolManual, controlled, logged and audited — human oversight at every step
Analysis CoreZero outbound connectivity, all processing on-premise
Attack SurfaceNone — no network interface, no remote access capability
Data DirectionOne-way inbound only — nothing transmitted outward under any condition
COLLECTION LAYER Internet-connected · No classified data Internet News Portals Social Media Telegram Forums Gov Portals YouTube Reddit / X 300+ Sources COLLECTOR Deduplication · Normalisation Language Detection · Staging No analysis performed here PHYSICAL AIR GAP CONTROLLED MANUAL TRANSFER Logged · Audited NO RETURN PATH ANALYSIS CORE Air-gapped · Zero outbound connectivity Multiple Related AI Models Intelligence Database Query Engine Report Generator Advisory Personas Analyst Dashboard PHYSICALLY ISOLATED No NIC · No WiFi · No Bluetooth No USB except managed transfer OPEN INTERNET GAP SOVEREIGN ENVIRONMENT
AI Models

No Black Boxes.
No Hidden Dependencies.

Every AI model running inside Xyra is open-source. This is not a cost decision — it is a security and sovereignty decision. When a government organisation deploys a closed, proprietary AI model, it has no way to verify what that model does, what data it may transmit, or whether it contains undisclosed capabilities. Independent audits require vendor cooperation. Trust is unavoidable.

Open-source models eliminate that dependency entirely. Every line of code can be inspected, audited, and verified by the deploying organisation's own technical staff — without asking the vendor for permission. The global security research community continuously scrutinises these models. Vulnerabilities are found and patched in the open, not quietly exploited.

Xyra's model-agnostic architecture means the platform is not locked to any single model. As superior open-source models emerge — and they emerge regularly — they can be integrated without architectural changes.

Core LLMsDeepSeek R1, Qwen, Llama family — all open-source, all locally hosted
Model HostingAll models run entirely on-premise — no API calls to external providers
AuditabilityFull source code accessible for independent security review at any time
Model AgnosticNew open-source models integrated as they become available
No Vendor Lock-inModel selection not tied to a proprietary platform or licence
DS R1 DeepSeek R1 Deep reasoning & complex analysis OPEN SOURCE Q Qwen Multilingual & document processing OPEN SOURCE Ll Llama Flexible general intelligence OPEN SOURCE XYRA ANALYSIS CORE All models run locally · No external API calls Fully auditable · No hidden dependencies 100% SOURCE CODE ACCESSIBLE
Language

The World Does Not
Operate in English.

Intelligence that cannot read the language of a threat is not intelligence — it is a gap. Xyra was built from the ground up to process, analyse, and cross-reference content natively across more than 20 languages. Native processing means the analysis happens in the source language — not translated first, then analysed. Translation introduces errors, loses nuance, and strips the cultural and political context that often carries the most analytical weight.

This matters most at the edges. Commercial platforms handle English well and major global languages adequately. They fail at regional languages, border dialects, and low-resource scripts — precisely the languages where early warning signals are most likely to appear in environments like South Asia and Southeast Asia.

Cross-language search means an analyst can submit a single query and retrieve relevant content from across the entire corpus — regardless of the language each piece of content was written in. Entity names, locations, and concepts are matched across scripts and transliteration variants automatically.

Languages20+ — Bengali, English, Hindi, Urdu, Arabic, Burmese, Mandarin, Russian, Farsi, and regional dialects
Processing MethodNative in-language analysis — not translate-then-analyse
DetectionAutomatic across all ingested content — no manual tagging required
Cross-Language SearchSingle query retrieves results across all language sources simultaneously
Script SupportLatin, Arabic, Bengali, Devanagari, Burmese, CJK character sets
Xyra 20+ LANGUAGES SOUTH ASIA Bengali · বাংলা Hindi · हिन्दी Urdu · اردو MIDDLE EAST Arabic · عربي Farsi · فارسی SOUTHEAST ASIA Burmese · မြန်မာ Thai · ภาษาไทย EAST ASIA & INT'L Mandarin · 中文 Russian · Русский English + more
Sovereignty

Your Data. Your Premises.
Your Control. Permanently.

Data sovereignty is not a setting you configure — it is an architectural property that either exists or it does not. Cloud-based intelligence platforms, regardless of their contractual commitments, create a structural dependency on external infrastructure. The vendor's servers hold copies of your data. The vendor's staff can access those systems. Foreign jurisdictions can compel disclosure. The vendor can go out of business, be acquired, or change their terms.

Xyra eliminates this dependency at the architectural level. The platform runs on hardware installed at your premises, procured transparently, and owned outright by your organisation. Once deployed, it operates with no outbound connectivity and no dependency on any external service remaining available. There is no subscription that can be remotely revoked, no licence key that requires online validation, and no vendor infrastructure that must stay operational for your system to function.

This is what genuine data sovereignty looks like. Not a contractual promise — a physical reality.

Hardware OwnershipProcured transparently, owned outright by the client organisation
Data LocationExclusively on client premises — no copies held externally
Vendor DependencyZero — platform operates fully independently once deployed
Remote RevocationNot possible — no licence validation, no online dependency
Foreign JurisdictionNone — no data held in any external data centre
CLOUD PLATFORMS XYRA Vendor Access Staff can access your data systems Foreign Jurisdiction Risk Courts can compel disclosure Subscription Dependency Access revoked if payment lapses Remote Revocation Risk Vendor can disable your system Acquisition / Shutdown Risk Vendor failure ends your access Client-Owned Hardware Procured transparently, fully owned No External Copies All data exclusively on-premise Zero Vendor Dependency Operates fully independently No Remote Access No licence key, no online validation Permanent Independence Continues regardless of vendor status STRUCTURAL RISK PHYSICAL REALITY
Architecture

Built to Evolve.
Not to Be Replaced.

Most enterprise software platforms reach an end-of-life point where the cost of upgrading to the next version equals or exceeds the cost of replacing the system entirely. This happens because capabilities are tightly coupled — changing one component requires rebuilding others. Organisations end up locked into a version of the platform that is falling behind the technology it depends on.

Xyra is built on a modular architecture where each capability operates as an independent component. The OSINT monitoring layer can be updated without touching the analysis engine. A new AI model can be integrated without modifying the reporting pipeline. A custom module built for a specific organisational requirement sits alongside the core platform without disrupting it. When a better open-source model is released — and in the current environment, that happens regularly — it is integrated in days, not months.

The sprint-based development model reinforces this. New capabilities are scoped, agreed, built, tested, and deployed in monthly cycles. Organisations are not waiting for an annual release — they are receiving continuous, incremental improvements based on their own operational priorities.

Module IndependenceEach capability operates as a standalone component
Upgrade PathIndividual modules enhanced or replaced without system-wide impact
Custom DevelopmentOrganisation-specific modules built alongside core platform
Model IntegrationNew open-source AI models integrated without architectural changes
Development CadenceMonthly sprint cycles — continuous delivery, not annual releases
XYRA CORE API · Data Bus · Shared Services OSINT Monitoring Multi-Language AI Analysis Document Intel Auto Reports AI Advisory Dashboard API Access ↻ Upgradeable + Custom Module MONTHLY SPRINT DELIVERY · CONTINUOUS IMPROVEMENT

Five principles. Every decision
measured against them.

01

Physical Isolation

If the analysis core is not physically isolated, it is not secure.

02

Open Auditability

If the code cannot be inspected, the system cannot be trusted.

03

Language Completeness

If it cannot read the language of a threat, it is not intelligence.

04

Absolute Ownership

If the data is not on your hardware, it is not fully yours.

05

Continuous Evolution

If the architecture cannot adapt, it will be obsolete before it is paid for.

The architecture is transparent.
So is our engagement process.

We explain how the system works before we ask for a commitment. Technical evaluations, architecture reviews, and live demonstrations are available to authorised procurement leads from government and institutional organisations.

Request a Technical Briefing Explore the Platform

All technical briefings conducted under NDA.