Run the whole fleet. Keep the controls.
Rigs Enterprise turns desktop sessions into a governed platform primitive — scoped to your org tree, gated by your approvals, attributable in your audit pipeline.
Org-level governance
Keystone organizations and projects map to your real structure. Scopes, quotas, and concurrency limits apply per project, so platform teams delegate without losing control.
SSO through your IdP
Authentication federates through Keystone to your identity provider. Sessions, entitlements, and IAM checks resolve on every request — fail-closed.
Approval gates
Put a human approval in front of expensive or destructive operations — macOS fleet scale-ups, OS reinstalls, state wipes — without changing how developers call the API.
Audit export
Every provision, lifecycle action, credential mint, and agent invocation is attributable to a principal. Export the trail to your SIEM on your schedule.
Residency pinning
Pin projects to regions for data residency. Private regions put the entire desktop runtime inside your network boundary.
SLA and named support
99.9% uptime SLA on the control plane, a named support engineer, and security review support during procurement.
One console for the platform team.
The same console your developers use scales to the enterprise view: tenant-scoped fleets, diagnostics, agent activity, and the client identity that anchors it all.
- Keystone Auth v4
- IAM v4 checks
- Garden usage attribution
- Omega runtime
Procurement-ready, engineer-approved.
Bring your security questionnaire. We will bring the architecture diagrams, the scope tables, and a live fleet.
Start the conversation