Trust by design — why your logs stay on-site

Why on-site processing matters

When your firewalls generate logs, those logs carry sensitive operational detail: source and destination addresses, connection counts, rule names, and more. Shipping that raw stream to a cloud analysis service means your operational data crosses a boundary you do not fully control.

NeuralWall is built around a different principle. The analysis pipeline runs on your infrastructure, alongside the firewalls it reads. What leaves the boundary is the verdict — a structured finding with its reasoning and its MITRE ATT&CK mapping — not the raw log lines that produced it.

What “trust by design” means in practice

• Local enrichment. Posture data (your firewall rule inventory) and activity data (logs) are joined inside your perimeter. No raw correlation data is sent outward.
• No model training on your data. The detection models are trained on synthetic and curated datasets. Your operational logs are not used to improve the models.
• Explainable output. Every finding carries its chain of reasoning, so your team can audit what the AI triage concluded and why — not just accept a score.
• Minimal egress by design. The architecture is designed so that what crosses the network boundary carries no raw client records. [À VALIDER: confirm specific egress data types with engineering before publishing.]

This approach is not a feature toggle — it is the architecture. The boundary between your data and the outside world is enforced structurally, not by policy.