Why We Built Local-First AI
Your infrastructure data is some of the most sensitive information in your organization. Here's why we designed TernaryPhysics Ops to process everything locally, and why we think this is the only way to build infrastructure AI responsibly.
The Problem with Cloud-Based Observability
Most observability tools work by shipping your logs, metrics, and traces to an external service. This made sense when analysis required expensive compute that couldn't run on your infrastructure. But it creates serious problems:
Sensitive Data Exposure
Logs contain customer data, API keys, session tokens, PII. Sending them to third parties is a security risk and compliance nightmare.
Data Residency Requirements
Many organizations can't send data outside their region or network. GDPR, HIPAA, FedRAMP all have strict requirements.
Latency and Availability
When the external service is down, you're blind. When there's network latency, investigation is slow.
We saw these problems firsthand. Every enterprise we talked to had redacted their most useful logs before sending them to observability tools. They were paying for analysis of incomplete data.
Bring AI to the Data
The breakthrough insight: modern AI models can run on commodity hardware. A quantized model can provide real-time conversational responses on a standard server CPU. No GPU required.
This changes everything. Instead of sending data to AI, we bring AI to the data. Your logs, metrics, and system state never leave your environment. The AI runs right next to them.
What stays local:
- All logs, metrics, and traces
- Query results and investigation data
- AI model inference
- Credentials and secrets
What We Do See: Billing Metadata
We're not running a charity — we need to bill you somehow. Here's exactly what we see:
- Agent ID (random UUID, not resource name)
- Agent type (k8s-agent, postgres-agent, etc.)
- GB of data processed (aggregate number, not contents)
- Timestamp
That's it. We don't see what the data contained, what questions you asked, what problems you found, or what fixes you applied. We see: "Agent A processed 2.3 GB on April 5th."
Why This Matters for Security
Full Visibility
Agents can analyze unredacted logs, including sensitive data you'd never send to a third party.
No Attack Surface
No cloud APIs to attack, no data in transit to intercept, no external service to compromise.
Works Offline
Agents work even if internet connectivity is lost. Investigation doesn't depend on external services.
Compliance Ready
Data never leaves your environment, simplifying GDPR, HIPAA, SOC 2, and FedRAMP compliance.
The Trade-offs
Local-first isn't free. There are real trade-offs:
- Model size matters. We can't run GPT-4 locally. TernaryPhysics-7B is powerful but not infinite.
- Each agent needs resources. The LLM needs ~4GB disk and ~8GB RAM. Not huge, but not zero.
- Updates require re-deployment. When we improve the model, you need to update your agents.
We think these trade-offs are worth it. A slightly smaller model that sees all your data is more useful than a giant model that only sees redacted logs.
The Future of Infrastructure AI
We believe local-first is the future of infrastructure AI. As models get smaller and more efficient (see: quantization advances, model distillation, specialized architectures), the case for cloud processing weakens.
In five years, we expect most infrastructure AI to run on-premise. The security and compliance benefits are too significant to ignore. TernaryPhysics Ops is designed for this future.
Questions about our security model? Check our security page or email ops@ternaryphysics.com.