Sparcle for Defense

ITAR-bounded. CMMC-ready. Air-gap by default.

Defense and defense-industrial-base workloads have non-negotiable boundaries: ITAR-controlled technical data, CMMC-assessed cybersecurity practices, IL4/IL5 mission criticality. Bolt and Aeira ship for those boundaries: on-prem inference, customer-held keys, and an audit chain your sponsor's C3PAO can verify offline.

Compliance frameworks

What Sparcle ships against.

The defense compliance posture isn't a single framework; it's the intersection of ITAR, CMMC, NIST 800-171/172, and the DOD Impact-Level requirements that govern the network the binary runs on. Each frame below maps to a concrete implementation, not a marketing claim.

ITAR

International Traffic in Arms Regulations: controlled technical data cannot leave the US persons boundary, full stop. Bolt's BYO-LLM mandate and on-prem inference mode keep the prompt inside that boundary regardless of which model is configured.

CMMC L3 / L5

Cybersecurity Maturity Model Certification: Sparcle's controls evidence map walks every CMMC practice to a concrete implementation. The cryptographic audit chain is an artifact a C3PAO can review during assessment.

IL4 / IL5

DOD Impact Level requirements for controlled unclassified information and mission-critical workloads. Air-gap deployment is the default, not the upsell.

NIST 800-171 / 800-172

CUI and Enhanced-CUI control families. The Authority Policy SDK lets you encode classification-tier ranking floors that mechanically prevent over-cleared retrieval.

Data residency posture

Where the data lives. Where it doesn't go.

Air-gap by default

Bolt and Aeira ship with an air-gap-eligible Helm chart and a docker-compose path that requires zero outbound connectivity. The Aeira index is sharded and replicated entirely inside the customer enclave.

No public LLM API in scope

Mode A (on-prem inference via vLLM, TGI, llama.cpp, or NVIDIA NIM) is the supported posture. Mode C (public vendor API) is explicitly out of scope for ITAR and DOD IL4+ workloads.

Customer KMS, customer keys

Vault Transit, AWS KMS GovCloud, or PKCS#11 HSM. Sparcle does not hold tenant master keys. The crypto-shred construction means Sparcle cannot read tenant data without the customer-held CMK.

Sovereign cloud + classified networks

Helm chart deployable into AWS GovCloud, Azure Government, IL4/IL5 sovereign clouds, and classified networks reachable only from CAC-authenticated terminals.

1-page brief

Take this to your sponsor.

The defense-vertical brief is a single printable page covering the compliance posture, the deployment topologies, and the trust artifacts. Designed to forward to your contracting officer or assessor without scheduling a call.

Workflows the founding team has built for

Four anchor use cases.

These are the workflows the engineering team has implemented or scoped with defense design partners. The Authority Policy SDK and connector configuration are the per-customer tuning points; the runtime is the same Bolt and Aeira shipping to every other vertical.

SOC triage on a classified network

An analyst at the launcher chips through CrowdStrike alerts, MISP indicators, classified threat intel. Every retrieval is ACL-bound to the analyst's clearance; every action is recorded in the audit chain.

Contract and capability intelligence

Cross-source synthesis across FAR / DFARS filings, contractor self-assessments, and internal capability briefings. Privilege walls keep classified annexes out of unclassified briefs.

ITAR-bounded communications drafting

Outbound communications to coalition partners pass the ITAR-control predicate before send. The audit chain records the predicate output, not just the message.

Capability briefing assembly

Pull authoritative source-of-record data into a structured brief; the Authority Policy ranks classified-source content above unclassified, and demotes deprecated or rescinded material below the cut.

Trust dossier for defense

The four artifacts your CISO and assessor will ask for.

  • /trust/where-the-model-runs — Why Mode A (on-prem inference) is the default for defense; the PII-masking layer that protects every other mode.
  • /trust/cryptographic-erasure — Why Sparcle cannot read your data even with access to the ciphertext. The construction your auditor verifies.
  • /trust/verify — The standalone audit-chain verifier. Your auditor runs it offline; no network calls, no Sparcle dependencies.
  • /trust/subprocessors — Why customer data never reaches Sparcle infrastructure in the air-gap and Helm topologies.

Want to walk this against your specific network and assessor?

A 30-minute defense architecture review covers your network classification, your KMS posture, your ITAR-control predicates, and the workflows your team needs. Founder-led; the engineering team is on the call.