Centralised access. Approval before anything risky. Every action logged. Built so the team that asks “is this safe?” has a real answer.
Most AI security pages drown in jargon. Here is how we think about it, in plain terms, the same way we'd explain it on a kickoff call.
We never use your data to train models. Deploy in our cloud in Sydney, in your own AWS / GCP / Azure account, or split between the two. You decide where it lives.
Logins to Shopify, Klaviyo, Slack, and the rest of your stack live with Lifter, encrypted. Agents get the ability to do something. They never see the credential that lets them do it.
Refunds, customer messages, paid spend, anything that moves money or changes inventory — they all pause in the channel your team already works in, for someone to approve before the agent acts.
Who asked, what ran, what it touched, who approved it. Exportable in real time to your audit pipeline so finance, IT, and the board can see what's happening without asking.
Your support specialist can refund up to $50 without asking. Your trade-report specialist can't refund at all. You set the lines, we enforce them.
Your team's data sits in its own isolated environment with its own storage. Not a shared database, not a logical partition. Real separation.
Three options. Pick the one that matches the conversation you'd have with your IT lead.
Hosted in Sydney, managed and monitored by us. Right for teams who want a working deployment without a procurement cycle. The fastest path to value.
Runs entirely inside your own AWS, GCP, or Azure account. Your data and your team's customer information never leave your perimeter. Right for regulated industries or strict data-residency requirements.
The admin UI lives in our cloud so we can keep shipping product improvements. The runtime — credentials, tool calls, customer data — runs in your account. A practical middle ground.
Every tool an agent can use has one of three settings. You decide which, per person and per role.
Safe, reversible work. The agent runs without interrupting anyone. Drafting an email, building a dashboard, summarising a thread.
Anything that touches a customer, costs money, or changes inventory. The agent pauses in the channel your team already uses — for a human to approve, deny, or ask for context first.
The tool isn't available to that specialist at all. They don't see it. They can't try to use it.
Not just outcomes. Not just errors. The full picture of what your AI workforce did, who approved it, and why.
What we capture
Where it goes
In real time, into the audit pipeline you already use. S3, Datadog, Splunk, or your SIEM of choice. We don't gate the data behind our UI.
Retention follows your policy, not ours. If your environment requires 7 years, we keep it 7 years. If 90 days is enough, we keep it 90 days.
Your IT lead is going to ask “is this safe?”— we want to be the ones who have the real answer.
The Lifter approach to trust
Agents see actions, not API keys. The Gateway holds the credentials, looks up the right one per call, checks the rules, and never lets a secret reach the model.
Locked down
Encrypted at rest. Resolved in memory at call time. Never delivered to the model, never logged in clear.
Configurable
Different stances for different agents, different accounts, different value thresholds. You set them; we enforce them.
Auditable
Who did what, when, and under which rule, for every call — recorded and exportable to your audit pipeline.
Email security@lifter.work and we will reply within one business day. If you need a call with our engineering lead, just ask in the email.