Safeguard
FAQ

Air-Gapped Security Deployment: FAQ

How software supply chain security works in fully disconnected environments: offline vulnerability database sync, sealed deployments, customer-held keys, and what changes when there is no internet.

Safeguard Team
Platform
6 min read

An air-gapped deployment runs the entire security platform inside a network with no route to the public internet, so no source code, SBOM, or finding ever leaves your boundary. The hard part is not the install; it is keeping vulnerability intelligence current when the machine cannot reach an upstream feed. Safeguard handles this with a signed, offline vulnerability-database bundle you transfer across the gap on your own schedule, plus a scanner and triage engine that run entirely locally. This FAQ covers how the model works, what you give up, and what stays the same compared with connected deployments.

Frequently Asked Questions

What does "air-gapped" actually mean for a security scanner? It means every component runs inside your isolated network with no outbound connection, so the scanner, the vulnerability database, the analysis engine, and the web console are all local. Nothing about your code, dependencies, or findings is transmitted to a vendor cloud. The only thing that crosses the boundary is a signed data bundle you carry in deliberately, on media you control.

How does the vulnerability database stay current without internet access? You receive a cryptographically signed database bundle that packages the current CVE, GHSA, and advisory data, and you transfer it across the air gap on removable media or through your approved one-way data diode. An operator verifies the signature and imports it, and the scanner immediately uses the new data. You control the cadence, whether that is daily, weekly, or aligned to a change window.

Does the AI triage engine work offline? Yes. Griffin AI, the reachability and triage engine, runs against local model weights shipped as part of the offline bundle, so exploitability analysis and prioritization happen inside your boundary with no API calls out. There is no dependency on an external inference endpoint. This is the same posture required for classified and defense networks where no telemetry may leave the enclave.

Who holds the encryption keys in an air-gapped install? You do. Air-gapped deployments use customer-controlled keys exclusively, and you can back the platform with your own KMS or HSM. Safeguard never has access to key material, ciphertext, or plaintext, because there is no channel through which it could. This is a structural property of the deployment, not a policy promise.

How far behind is offline CVE data compared with the cloud? It is exactly as current as your last bundle import, so the freshness gap is a decision you make, not a limit we impose. Teams that import daily are typically within 24 hours of the connected feed; teams on a weekly change window accept up to seven days. Because the bundle is a full signed snapshot, there is no partial or drifting state to reconcile.

Can I scan the same ecosystems offline that I can in the cloud? Yes. The offline scanner covers the same package ecosystems through software composition analysis and produces the same CycloneDX or SPDX SBOMs as a connected deployment. Container image and infrastructure-as-code scanning also run locally. The engine is identical; only the data-refresh path differs.

What is the initial install like across the gap? You receive a sealed release artifact, verify its signature against a key you have out-of-band, and install it into your orchestration environment, whether that is Kubernetes, OpenShift, or a set of VMs. No step in the installation reaches out to a registry or license server on the public internet. Licensing itself is validated offline against a signed entitlement, so there is no phone-home.

Is an air-gapped deployment compatible with classified networks? The architecture is built for exactly this. Because nothing egresses and all analysis is local, the platform fits enclaves that must meet FedRAMP HIGH and DoD Impact Level controls, and the design targets those control sets. To be precise about our posture: Safeguard's architecture is built to those requirements and SOC 2 Type II is in progress; specific authorizations depend on your accrediting body. Our compliance overview states plainly what is certified versus in progress.

How do updates to the platform software itself get delivered? The same way as data: a signed release bundle you verify and import during a change window. Because there is no auto-update channel, you control precisely when new versions land, which matters for change-managed and accredited environments. Rollback is a matter of re-importing the prior signed release.

What happens to scan telemetry and usage data? It stays inside your boundary. There is no product analytics, error reporting, or usage metering that leaves the network, because the deployment has no path out. If you want aggregate reporting, it is generated locally in your own console.

Can I run air-gapped for some environments and cloud for others? Yes, though they operate as independent installations rather than a single federated view, since by definition the air-gapped side cannot sync to a shared cloud tenant. Many customers run cloud for low-sensitivity workloads and a sealed air-gapped instance for regulated or classified ones. If you want to weigh that split, our deployment and platform comparison lays out the trade-offs.

Does going air-gapped change the price? It is a different deployment tier because it involves the offline bundle pipeline and dedicated support, so it is quoted rather than self-serve. The scanning and triage capabilities are the same as the connected product. See pricing for tiers or reach out for a scoped quote.

What is the honest downside of air-gapped operation? You trade convenience for control. Vulnerability data is only as fresh as your last import, platform upgrades require a deliberate transfer step, and there is operational overhead in running the bundle-import process. For most connected teams that overhead is not worth it, but for isolated networks where no data may leave, it is the only responsible model and the trade is well worth it.

If you are scoping a disconnected deployment, start with the software composition analysis and Griffin AI capability pages to confirm the engine fits, review what is certified on the compliance page, and contact our team for an air-gapped scoping call. Full technical detail lives in the documentation at https://docs.safeguard.sh.

Never miss an update

Weekly insights on software supply chain security, delivered to your inbox.