Your AI stops at the data it can’t touch. Capsule gets it through.
The log that would close the ticket can’t leave the building, so your model never sees it. Mask it and node=████ tells the AI nothing. Capsule sends a protected working version through your approved model, and the real answer comes back in the workflow.
Raw values stay inside.
A protected version does the round trip.
The model can be external. The raw values are not. LLM Capsule is the context-preserving data layer between your operational data and AI execution — approved models, agents and MCP tools — so only a protected working version ever crosses, and the real values are reconstructed inside your workflow.
| protected stand-in | original (stays local) |
|---|---|
| ⟨capsule:circuit_1⟩ | CKT-77-AB12 |
| ⟨capsule:node_1⟩ | edge-04 |
One layer between your operational data and the model.
Operational data goes in. Only a protected working version reaches approved models, agents and MCP tools. The reconstructed result lands back in your workflow — the raw values and the internal mapping never move.
It plugs into the systems you already run.
Agents, MCP servers and RAG pipelines call Capsule; it returns a protected working version, the approved model runs, and the real result is reconstructed into ServiceNow, Jira, OSS/NOC, EHR or your OT historian.
Not masking. Not a cloud vault.
Where other approaches stop the workflow or move your data out, Capsule keeps the values inside and still returns a usable result.
| Approach | What it does | The limit | With LLM Capsule |
|---|---|---|---|
| Masking & redaction | Removes the values | Destroys the context AI needs; the workflow can't finish | Keeps raw values inside and reconstructs usable results to the workflow |
| PII detectors | Detect names and numbers | Can't see non-PII operational markers you actually need protected | You define the markers; structure stays usable |
| Synthetic data | Generates artificial data | For training and testing, not live operational workflows | Runs on the real records in production |
| Block AI entirely | Manual approval gate | Pilots never reach production | The workflow runs under your existing governance |
What makes the workflow keep running, and keep running for years
Can't send it raw. Can't just mask it. Capsule creates a protected working version, lets AI do the work, and reconstructs a usable result inside your workflow. These three capabilities are why the workflow finishes — plus three more that keep it running inside real systems over time.
Get the real answer back
When the model returns its answer, Capsule rebuilds the real business values inside your environment, automatically. No one masks the input and reassembles the output by hand. The workflow finishes with real circuit IDs, ticket IDs and figures.
Protect what PII tools can't even see
Standard PII categories aren't enough. Define project codes, deal terms, internal IDs, network identifiers, asset references, mission references — any business-specific marker. Context-aware control adapts to document type, department and workflow.
Keep the record usable
Tables, cross-references, configurations, topology graphs, ticket fields, runbook steps and document hierarchies survive intact. AI receives the full operational structure, not broken fragments that produce useless output.
You keep control of your own data
Sensitive data stays inside your environment. The model only ever works on the protected version, and the map that reconstructs real values never leaves the organization. Differential-privacy-based protection makes original values practically non-recoverable from outside your boundary. The model can be external; the raw values don't have to be.
Fit into the workflow they already run
Air-gapped networks, on-premise servers, telecom-grade platforms, ServiceNow / SharePoint / Jira / OT historians and RAG pipelines — Capsule deploys inside your enterprise as-is, as a single API-call addition. No migration. Your existing workflows and policies stay intact.
Change what's protected tomorrow
Yesterday it was circuit IDs and topology nodes. Today add M&A codenames and deal terms. Next quarter add a new regulator's markers. Define, version and time-shift what's protected as your business and regulations evolve, with a full audit trail of which marker was protected when.
Not just PII. The operational records your work actually runs on.
A generic PII detector looks for names and numbers. The data that stops your AI is logs, configs, topology and contracts. Capsule keeps each of these usable for AI while the real values stay inside.
System logs
PDF reports
Topology graphs
Tickets
Runbooks
Code & config
Tables
Images & diagrams
Unstructured notes
Measured on real operational documents
Reconstruction is deterministic: substituted markers are rebuilt inside your environment through the internal mapping, not by inverting any differential-privacy step. Similarity measured on structured operational documents; figures vary by data type and workflow. We validate on your own payload during evaluation.
Built for operations putting AI on data that can't leave
The same round trip across regulated operations: the real record stays inside, AI works on a protected version, and the answer comes back in the ticket or workflow.
Network Operations & Incident Analysis
Industrial Asset & Vulnerability Operations (OT)
Healthcare Clinical & Hospital Operations
Public Sector / Defense — Mission Workflow
Deutsche Telekom and Claroty validate Capsule in critical-infrastructure and telecom-grade operational context — the hardest places for operational data to move at all.
Capsule opens the blocked path. Syntitan takes it to production.
Capsule gets blocked operational data into the AI workflow on-prem. Syntitan, the cloud operating layer, then evaluates, validates and operates that workflow in production. Capsule and Syntitan stay separate products for separate audiences; this is how they connect.
Opens the blocked path
Operational data that can't go raw into SaaS reaches the AI workflow inside your environment.
Takes it to production
Validates and operates the workflow so it's production-ready and reproducible at scale.
The questions people ask before they trust this
Can you run AI on operational data that can't leave your environment?
Yes. LLM Capsule turns sensitive operational values into a protected working version inside your environment, lets an approved model work on that version, and reconstructs the usable result in your workflow. The original values and the mapping that reconstructs them never leave. It runs on-prem, in your VPC, or fully air-gapped.
What is a context-preserving data layer for AI?
It is a layer that sits between your operational data and the model. Instead of redacting values to ████ and destroying the record, it substitutes them with context-preserving stand-ins so the structure the AI needs stays intact, then reconstructs the real values after the model runs.
How is this different from a cloud privacy vault or a PII masking tool?
A masking tool hides values and stops, which breaks the workflow. A cloud privacy vault stores your values and the mapping in someone else's cloud. Capsule keeps the original values and the reconstruction mapping inside your own environment, protects non-PII operational markers you define, and reconstructs a usable result. Nothing is sent to an external vault.
Can it run in an air-gapped or regulated environment?
Yes. Capsule deploys inside on-prem, VPC and air-gapped environments and embeds into the systems you already run, such as ServiceNow, Jira, OSS/NOC and RAG. It is already deployed on operational data in telecom, industrial / OT and the public sector.
Frequently asked questions
Is LLM Capsule a PII masking tool?
Does Capsule replace my approved LLM?
Can I still use external LLMs like ChatGPT, Claude or Gemini?
Can it work on logs, PDFs, graphs, tickets, code and images?
Where do the raw values stay?
How does reconstruction work?
Do humans have to manually reconstruct the values?
Can the policy change over time?
How does this connect to Syntitan?
Bring one workflow that can't send its data raw.
A log, PDF, topology graph, ticket, runbook or config that can't go raw into an LLM. We'll show what stays inside, what the model works on, and how the result comes back usable.
![](data:image/svg+xml,<svg display="block" role="presentation" viewBox="0 0 148 16" xmlns="http://www.w3.org/2000/svg"><path d="M 11.102 15.765 L 0 15.765 L 0 0.225 L 3.59 0.225 L 3.59 12.61 L 11.102 12.61 L 11.102 15.766 Z M 24.19 15.765 L 13.086 15.765 L 13.086 0.225 L 16.676 0.225 L 16.676 12.61 L 24.188 12.61 L 24.188 15.766 Z M 26.177 0.226 L 29.85 0.226 L 34.324 10.366 L 38.798 0.226 L 42.472 0.226 L 42.472 15.765 L 38.882 15.765 L 38.882 7.361 L 35.526 14.844 L 33.13 14.844 L 29.774 7.36 L 29.774 15.764 L 26.184 15.764 L 26.184 0.225 L 26.177 0.225 Z M 57.981 0 C 60.649 0 62.947 1.352 64.375 3.556 L 63.362 4.334 C 62.01 2.341 60.09 1.27 57.99 1.27 C 54.4 1.27 51.785 4.139 51.785 8.012 C 51.785 11.886 54.453 14.74 58.058 14.74 C 60.219 14.74 62.138 13.698 63.499 11.674 L 64.467 12.452 C 63.068 14.626 60.694 16 58.056 16 C 53.741 16 50.469 12.565 50.469 8.011 C 50.469 3.458 53.696 0 57.996 0 Z M 65.483 15.765 L 71.62 0.225 L 73.335 0.225 L 79.472 15.765 L 78.142 15.765 L 76.562 11.793 L 68.392 11.793 L 66.812 15.765 L 65.482 15.765 Z M 76.079 10.57 L 72.466 1.456 L 68.869 10.57 Z M 81.833 15.765 L 81.833 0.225 L 87.872 0.225 C 90.706 0.225 92.55 2.008 92.55 4.711 C 92.55 7.414 90.706 9.151 87.872 9.151 L 83.14 9.151 L 83.14 15.765 L 81.832 15.765 Z M 83.141 7.92 L 87.811 7.92 C 90.048 7.92 91.212 6.651 91.212 4.718 C 91.212 2.785 90.049 1.464 87.812 1.464 L 83.14 1.464 L 83.14 7.92 Z M 95.465 12.028 C 96.553 13.81 98.299 14.739 100.196 14.739 C 102.093 14.739 103.891 13.697 103.891 11.96 C 103.891 10.224 102.607 9.499 99.757 8.495 C 96.583 7.37 94.973 6.275 94.973 4.077 C 94.973 1.389 97.467 0 99.773 0 C 102.304 0 103.99 1.314 104.821 2.71 L 103.808 3.488 C 102.924 2.008 101.496 1.268 99.772 1.268 C 98.049 1.268 96.296 2.243 96.296 4.048 C 96.296 5.489 97.528 6.328 100.158 7.218 C 103.952 8.51 105.214 9.71 105.214 11.938 C 105.214 14.573 102.818 16 100.196 16 C 97.785 16 95.54 14.784 94.49 12.806 L 95.457 12.028 Z M 108.278 0.226 L 109.578 0.226 L 109.578 10.102 C 109.578 12.835 111.475 14.715 114.528 14.715 C 117.581 14.715 119.478 12.85 119.478 10.102 L 119.478 0.226 L 120.778 0.226 L 120.778 10.102 C 120.778 13.636 118.398 15.999 114.528 15.999 C 110.659 15.999 108.278 13.629 108.278 10.102 Z M 124.785 15.765 L 124.785 0.225 L 126.092 0.225 L 126.092 14.512 L 135.056 14.512 L 135.056 15.772 L 124.785 15.772 Z M 137.67 0.226 L 147.329 0.226 L 147.329 1.464 L 138.978 1.464 L 138.978 7.097 L 146.188 7.097 L 146.188 8.343 L 138.978 8.343 L 138.978 14.534 L 147.571 14.534 L 147.571 15.773 L 137.67 15.773 Z" fill="rgb(35, 31, 32)" height="16px" id="o43yy6bJZ" width="147.57099816894532px"/></svg>)