Deployment
ThreatLens ships from one codified stack to several targets, so you can run it wherever your data-residency and operational needs require.
Section in progress
Step-by-step installation guides for each target are being published. This page is the map.
Deployment options
| Target | Best for | How it runs |
|---|---|---|
| SaaS | Fastest start, fully managed | Hosted by ThreatLens |
| Private cloud (Compose) | A single-tenant deployment you control | Docker Compose on your VM |
| Enterprise (Kubernetes) | Scale and long-term operation | Helm chart in your cluster (EKS/AKS/GKE/OpenShift) |
| Your own cloud (BYOK) | Maximum control and data residency | Your infrastructure, your model keys |
Durable design principles
- Stateless application tier — horizontally scalable; configuration via environment.
- Managed data tier — Postgres and object storage from your cloud, not self-hosted in a container for production.
- Build once, ship images — every target pulls the same versioned image.
- Health probes — readiness and liveness endpoints for orchestration.
- Fail-static — if the control plane is unavailable, the data plane keeps enforcing on cached policy; it never fails open.
What a deployment needs
- A Postgres database.
- Object storage for documents/blobs.
- An identity provider for SSO (or local accounts to start).
- At least one connected AI model (your enterprise-managed provider is recommended).
- TLS and a single public front door; the backend stays private behind it.
Detailed prerequisites, install steps, configuration reference, upgrades, and backup/restore are published per target.