# Enterprise Overview

*What "enterprise" means for Aura, and where the line sits between the open-source binary and the commercial tier.*

## Overview

Aura is built and maintained by **Naridon, Inc.**, headquartered in Zürich, Switzerland. The core engine — semantic diffing, AST-level merge, [intent tracking](/intent-tracking), [Mothership](/mothership-overview) peer coordination, [Sentinel](/sentinel-overview) multi-agent messaging — is licensed under **Apache 2.0** and available to every user, on every platform, without a license key.

This page exists to answer a single question that every procurement team asks: *what do we get for free, and what do we pay for?*

The short answer: the product is open source. What Naridon sells is **operational certainty** — SLAs, accelerated security response, migration engineering, compliance documentation, and direct access to the people who wrote the merge engine. If you are a team of ten, you will likely never need any of it. If you are a regulated institution running Aura across three hundred engineers and four jurisdictions, the commercial tier is how you sleep at night.

## What the open-source binary includes

Everything required to run Aura in production:

- The full CLI (`aura`) and all twenty-nine MCP tools.
- Semantic diff, [AST merge](/ast-merge), and rename-proof function identity.
- Self-hosted Mothership server for P2P team sync (no SaaS dependency).
- Sentinel messaging between AI agents.
- Intent log with cryptographic chaining.
- Zone-based collaboration and [RBAC](/rbac-and-permissions) primitives.
- Tree-sitter grammars for all supported languages.
- All macOS, Linux, and Windows binaries (see [install-linux](/install-linux), [install-macos](/install-macos), [install-windows](/install-windows)).
- Docker images and reference Kubernetes manifests.
- Full source code on GitHub at `github.com/Naridon-Inc/aura`.

No feature is gated behind a license key.
There is no "community edition" that quietly disables the good parts. The binary you download is the binary Naridon runs internally.

## What the commercial tier adds

The commercial tier is **service, not software**. It layers onto the same open-source binary you would download anyway.

| Category | Commercial tier provides |
| --- | --- |
| Support SLA | 24/7 response, guaranteed resolution windows, escalation to core engineers |
| Security | Private CVE pre-disclosure, signed advisory bulletins, hotfix backports |
| Compliance | Auditor-ready evidence packages, control mappings, signed attestation letters |
| Migration | Hands-on migration engineering for repos older than five years or above one million commits |
| Training | Onboarding workshops for platform teams, CISO briefings, agent-integration bootcamps |
| Roadmap | Influence over feature prioritization; named engineering liaison |
| Data residency | Written guarantees on where Naridon-operated infrastructure processes your data |

See [Enterprise Support](/enterprise-support) for the full tier matrix and contact details.

## Deployment posture

Aura is **self-hosted by design**. There is no mandatory SaaS control plane. Every Mothership a customer operates runs on that customer's infrastructure — on-premises, in a private VPC, or on a hyperscaler of their choice. Naridon operates a public demo Mothership for evaluation, but no enterprise customer is ever required to use it.

This posture has three consequences worth stating plainly:

1. **Your source code never leaves your perimeter unless you configure it to.** Mothership stores AST fragments, not raw source bytes, but even those fragments stay on hardware you control.
2. **Air-gapped installs are a first-class deployment mode.** See [Air-Gapped Install](/air-gapped-install). Aura ships offline bundles with pre-built tree-sitter grammars, so a fully disconnected build farm can run the engine with no outbound connectivity.
3. **Naridon cannot exfiltrate customer code.** This is not a policy commitment; it is an architectural one. The commercial tier does not alter this property.

## Compliance posture

Aura is **aligned with** the requirements of SOC 2 Type II, ISO/IEC 27001:2022, and HIPAA technical safeguards. Alignment means the engine produces the artifacts auditors need — immutable intent logs, role-based access events, AST-level change attribution — and that Naridon's internal operations are run against those frameworks. We do not claim certifications we have not independently achieved.

The [Compliance & Audit](/compliance-and-audit) page documents precisely which controls Aura satisfies out of the box, which controls the customer is responsible for, and which controls require a combination of both.

> Honesty matters more than marketing here. If an auditor asks for a SOC 2 Type II report covering your Aura deployment, that report must be produced against *your* environment, not ours. We give you the evidence. You own the attestation.

## Where Naridon fits

Naridon, Inc. is a Swiss-domiciled company. Swiss corporate law and the Swiss Federal Act on Data Protection (FADP) govern our operations. For customers inside the European Economic Area, we additionally operate under GDPR as a data processor when engaged for hosted evaluations, and as nothing at all when you self-host — because in that case, we are not processing your data.

Customers who require their code to remain inside a specific jurisdiction (EU, Switzerland, the United Kingdom, a US FedRAMP boundary, etc.) can enforce that at the infrastructure layer. See [Data Sovereignty in the EU](/data-sovereignty-eu) for the placement strategy we recommend.

## Scale characteristics

Aura has been designed and tested against the following envelope:

- **Repositories**: single monorepos up to 120 GB, 1.4 million commits, 18 years of history.
- **Functions tracked**: up to 2.5 million distinct function identities per repo.
- **Mothership peers**: tested at 512 concurrent peers per server, with tuning guidance in [Performance Tuning](/performance-tuning).
- **Intent log throughput**: 10,000 intents per minute sustained on a single well-provisioned Mothership.
- **Sync fan-out**: sub-second function-level propagation across LAN peers; 1–3 seconds across WAN.

These are tested numbers, not theoretical ceilings. Teams who exceed them exist, and we are happy to talk about their configurations.

## Security posture

The engine takes an uncompromising position on four things:

1. **Intent logs are append-only and hash-chained.** You cannot silently rewrite history. An auditor can verify the chain offline.
2. **Zone ownership is enforced at the pre-commit hook.** An agent or human attempting to edit a zone owned by someone else is blocked before the commit is created, not after.
3. **Strict mode, once locked, requires the configured passcode to disable.** A compromised developer account cannot silently turn off semantic protection.
4. **All Mothership peer traffic is mutually authenticated.** TLS with pinned certificates by default; pre-shared keys for air-gapped deployments.

Security advisories are published at `naridon.com/security`. Responsible disclosure instructions live in `SECURITY.md` in the open-source repo.

## Open-source commitments

Naridon's position on Aura's open-source license is straightforward:

- **The core will remain Apache 2.0.** We will not relicense, rug-pull, or introduce a "BSL"-style delay on the primary engine. If we ever needed to change this, we would fork first and tell you why.
- **Enterprise features do not exist as code you cannot see.** There is no private fork with the "good" merge algorithm. The merge algorithm is in the public repo.
- **Community contributions are welcome** under a standard DCO, with no CLA.

This matters because Aura sits in your development loop. A tool in that position cannot credibly ask for trust while withholding its own source.

## Who buys the commercial tier, and why

In our experience, four categories of customer end up on a commercial agreement:

- **Regulated enterprises** who need signed compliance letters, a named contact, and guaranteed patch windows — typically in finance, healthcare, defense, and critical infrastructure.
- **Platform engineering teams** at 500+ engineer organizations who want migration engineering help and performance tuning for their specific monorepo shape.
- **AI-native companies** running large fleets of autonomous agents who want Sentinel-level coordination hardened for their workload, plus priority bug fixes when a new model family ships.
- **Governments and research institutions** with data-sovereignty mandates that require contractual guarantees layered on top of the technical architecture.

If none of those describe you, the open-source binary is likely all you will ever need. That is by design.

## How enterprise evaluations usually go

We see a consistent pattern in how enterprise evaluations unfold, and it is worth sharing because teams who know the shape of the process get through it faster.

**Week one** is almost always a technical spike by a single platform engineer. They pull the open-source binary, import a sample repository (see [Migration from Git](/migration-from-git)), and confirm the semantic diff and AST merge do what we claim. This step converts curiosity into belief. It requires nothing from Naridon.

**Weeks two and three** are a pilot with a single product team. The team installs the CLI, integrates the MCP tools with their agent of choice, and runs their normal workflow through Aura for two sprints. The signal to watch for here is not whether anything fails — the engine is stable — but whether developers notice the change. The most successful pilots are the ones where developers stop noticing Aura within a week, because it has become part of how they work.

**Weeks four and five** are a conversation with security and procurement.
This is when [Compliance & Audit](/compliance-and-audit) and [Data Sovereignty in the EU](/data-sovereignty-eu) become load-bearing. Security teams want to understand the threat model; procurement wants to understand the contract. Naridon participates in these conversations directly; we do not push them through a partner network.

**Week six onward** is broader rollout. This is where the commercial tier becomes a conversation, typically because the platform team wants guaranteed response windows before they make Aura a hard dependency of their development flow.

## What Aura is not

It is worth being explicit about boundaries. Aura is not:

- **A replacement for Git.** Git hosts the bytes; Aura adds the semantic layer on top. Your existing GitHub, GitLab, or Bitbucket deployment is unaffected.
- **A code review platform.** Aura provides semantic-aware pre-review checks; the social machinery of review still happens wherever your team does it today.
- **A build system.** Aura has no opinion on CI. It runs happily alongside Bazel, Nx, Turborepo, or plain make.
- **A secret manager.** The pre-commit hook can detect common secret patterns, but secret custody belongs in Vault, AWS Secrets Manager, or equivalent.
- **An observability platform.** Aura emits metrics and traces, but your SIEM, APM, and log aggregation live where they already live.

The product surface is deliberately narrow: everything Aura does is about the semantic layer over version control. That narrowness is why it composes cleanly with the rest of your stack.

## See Also

- [Self-Hosted Deployment](/self-hosted-deployment)
- [Air-Gapped Install](/air-gapped-install)
- [Compliance & Audit](/compliance-and-audit)
- [RBAC & Permissions](/rbac-and-permissions)
- [Data Sovereignty in the EU](/data-sovereignty-eu)
- [Enterprise Support](/enterprise-support)