Security
This page is for security and procurement teams evaluating Containarium. It documents — per setup tier — exactly what data crosses which network boundary, what FootprintAI receives, and what we explicitly do not collect. No marketing.
Last reviewed: 2026-05-24. If you have a specific compliance question this page doesn't answer, email [email protected].
When you self-host Containarium (Tier 1 and above), source code, test data, build artifacts, environment variables, secrets, and runtime data never reach FootprintAI infrastructure. The platform runs entirely on machines you control. We have no operational access to your containers, no telemetry on the workloads inside them, and no mechanism to retrieve customer data.
The only outbound network calls from a self-hosted Containarium daemon are:
The only inbound traffic to FootprintAI is from your operators / agents using our hosted control plane (cloud.containarium.dev) — which is itself optional; fully self-hosted deployments never connect to it.
Four setup tiers, increasing in self-containment. Pick based on your data sensitivity and operational appetite. The capability — a real Linux environment per agent / CI job / preview — is identical across all four.
| Tier | Source code & tests | Runtime data | Control-plane metadata | Auth credentials |
|---|---|---|---|---|
|
0 — Hosted cloud
evaluation
|
→ FootprintAI infra (Containarium boxes on our hosts) | → FootprintAI infra | → FootprintAI infra | → FootprintAI infra (hashed) |
|
1 — Self-host + cloud control
mid-market
|
Stays in your network | Stays in your network | → FootprintAI infra (container names, sizes, lifecycle events) | → FootprintAI infra (hashed) |
|
2 — Fully self-hosted
enterprise
|
Stays in your network | Stays in your network | Stays in your network | Stays in your network |
|
3 — Air-gapped
regulated
|
Stays in your network | Stays in your network | Stays in your network | Stays in your network (offline install bundle, no internet egress at all) |
"Control-plane metadata" = container names, requested sizes, lifecycle events (create / start / stop / delete) that the hosted cloud's scheduler needs to route requests. Never includes file contents, command output, or env vars.
Across all tiers, including the hosted cloud, FootprintAI does not collect or retain:
Self-hosted Containarium daemons can optionally emit anonymous usage telemetry to help us prioritize features. It's off by default; no daemon sends telemetry unless the operator explicitly enables it via the configuration file.
When enabled, the daemon sends:
v0.18.0/linux-amd64)create:42, delete:38, ssh-config:7) — verb names only, no arguments
Telemetry data is retained for 90 days, then aggregated and deleted. The
endpoint is a single POST to telemetry.containarium.dev/v1/ping;
firewall it if you prefer not to send anything even by accident.
We are not currently SOC 2 / ISO 27001 / HIPAA certified. For Tier 2 / 3 deployments where compliance is the customer's own responsibility (because the platform runs entirely in your environment), this is typically not a blocker — the audit boundary is your infrastructure, not ours.
If you need FootprintAI itself to carry a compliance attestation (e.g. you're a heavily regulated industry adopting the hosted cloud), reach out to [email protected] and we'll discuss timelines.
Open source means most of your due diligence happens against the public repo. For DPAs, security questionnaires, or anything that needs a signed document, email [email protected] with your timeline. We typically turn around standard security reviews in under two business days.