LumeSec is built for European institutions deploying AI in production while needing to control regulatory, security, and operational risk — primarily banks, insurers, regulators, critical infrastructure, and any organisation with strict requirements around governance, traceability, and sovereignty. We work mostly with technical and regulatory leadership — CIOs, CISOs, Heads of Compliance, risk teams, and platform engineering — on the deployment and operating surface of AI systems, not on the selection of individual models.

AIOP is the LumeSec AI Operating Platform — the operating layer beneath the AI models an organisation already uses. The platform enforces three operational primitives — Correlate, Contain, and Attest — across an 8-layer reference architecture. The result: AI systems that are auditable, controllable, sovereign by deployment, and signed end-to-end.

No. AIOP doesn't replace any of the models already in use. The platform orchestrates models and AI services that are already deployed — OpenAI, Anthropic, Mistral, on-prem models — and adds the controls, evidence, and operating mechanisms that regulated organisations need. LumeSec doesn't sell models. We provide the operating layer that makes AI deployment safe, traceable, and auditable.

In a 30-minute briefing we walk through the LumeSec AI Operating Platform and show how AIOP runs against real workflows. Together we map how the platform fits into the existing stack, which regulatory or technical requirements are relevant, and what the right next step would be — a pilot, a paid assessment, or a clean call that there isn't a fit right now.

No. Questions are enough; we bring the demo. If a specific regulatory framework is in focus — EU AI Act, DORA, FINMA, or GxP — you can mention it when booking. We'll prepare the matching evidence templates and reference examples in advance.

A typical pilot runs 6 to 10 weeks, focused on a single clearly-defined workflow with a signed scope. Together we draft the policy contract, deploy AIOP in the matching operating mode — managed cloud, dedicated, or on-prem — and ship an Evidence Pack prepared for internal governance, risk, or audit committees.

A pilot can usually start two to four weeks after the Statement of Work is signed, assuming procurement is closed or pre-approved. Sovereign or air-gapped deployments typically need one to two additional weeks of infrastructure lead time depending on the environment.

LumeSec supports three deployment modes: managed EU-only cloud, dedicated single-tenant, and air-gapped on-prem. In dedicated mode, the platform runs in an isolated environment with customer-side control of perimeter and keys. In on-prem or air-gapped setups, the platform stays entirely within the defined infrastructure. The orchestrator detects the chosen mode and adapts Evidence Pack defaults, control logic, and operating assumptions accordingly.

Data stays strictly inside the chosen deployment layer. Managed Cloud runs EU-only. Dedicated and on-prem deployments stay within the customer's perimeter. LumeSec never trains models on customer data.

Security reports can be sent to security@lumesec.ai. A PGP key is available on request. We confirm incoming reports within one business day and follow a coordinated disclosure process with a standard 90-day timeline.

Pricing depends on scope, deployment mode, and specific requirements. Pilots are typically delivered as clearly-bounded fixed-scope engagements. For production operation, the price structure combines platform scope, workflows, and operating mode. Get in touch with our team — we'll walk through your requirements and design a fit for your organisation, transparent and with no hidden tiers.

Engagements are typically based on a Master Services Agreement plus a project-specific Statement of Work. The MSA covers IP, confidentiality, liability, and the underlying commercial terms. The SoW defines scope, deliverables, timeline, and the relevant Evidence Pack. Contracts are available in English and German. Redlines are supported through the usual enterprise process.