What it is Why hosted For teams threep.ai ↗ Join waitlist →
// threep.cloud — managed hosting

Hosted threep,
without the setup.

Get the evidence-backed compliance engine from threep.ai as a managed service. Answers grounded in your real policies, plans, and procedures. No self-hosting required.

No self-hosting. No citation theater.
No pretending gaps don't exist.

Join the waitlist Explore threep.ai
threep.cloud · assessment
Control question
"Do you maintain a documented incident response plan covering preparation, detection, and recovery?"
YES
Evidence found — 2 sources
IR-Policy-v3.2.pdf §4.2 — "The organization maintains a written incident response plan covering preparation, identification, containment, eradication, recovery, and post-incident review…"
PARTIAL
Recovery time objectives documented — testing cadence not specified
Confidence: 1.87
2 sources
NIST IR-4
What it is

The managed path to threep.

threep.cloud is the hosted version of threep.ai — the open-source compliance evidence engine. It does the same thing: ingest your policies, plans, and procedures; answer audit and assessment questions with citations drawn from your actual documents.

The difference is operational. You don't deploy it, maintain the runtime, or manage model infrastructure. Bring your documents, run assessments, get defensible outputs. The complexity stays on our side.

threep.cloud is for teams who want the compliance value without the overhead of running the stack themselves.

Same evidence engine The same grounded-in-documents approach that powers threep.ai. No changes to the core compliance logic.
Up the same day No installation, no model configuration, no tuning. Upload your documents and start.
Built for teams Shared workspaces and assessment outputs your whole team can access, review, and act on.
Why hosted

Compliance work is hard enough
without managing the stack.

threep.cloud takes infrastructure off your plate so you can focus on what actually matters — finding evidence, surfacing gaps, improving your posture.

No infrastructure to deploy

No Python environment, no Ollama model, no ChromaDB. We run the stack. You run assessments.

Start the same day

Upload your policy documents and run your first assessment without a setup ticket, an IT request, or a configuration review.

Works without a setup ticket

Web-based. Your team signs in and uses it. No local environments to install, no IT request, no dependencies to maintain per machine.

We handle the maintenance

Model updates, infrastructure scaling, uptime. Your team stays focused on finding evidence instead of keeping the lights on.

What stays true

The discipline doesn't change
just because it's hosted.

threep.cloud runs on the same principles as threep.ai. No hallucinated citations. No fabricated confidence. No gaps quietly papered over.

Answers grounded in your actual documents

threep only cites what exists in your uploaded policies, plans, and procedures. No confabulation from training data, no generic fallback text.

Citations point to specific sections

Every YES or PARTIAL answer includes a pointer to the document, section, and excerpt that supports it. Auditable. Traceable. Defensible.

Honest handling of gaps

If your documents don't cover a control, threep says PARTIAL or NONE — not YES. Gaps show up here, not at audit time.

Outputs you can defend

Assessment results are meant to be reviewed, challenged, and improved — not accepted blindly. They're a starting point, not a rubber stamp.

Not a hallucination machine with a compliance skin

threep was built because existing tools fabricate confidence. That problem doesn't become acceptable just because the tool is managed.

Who it's for

Built for teams that need
answers, not infrastructure.

Lean compliance teams

Small teams managing large control frameworks. You need evidence fast, not another platform to maintain.

Consultants and advisory firms

Running assessments across multiple client environments. A managed service means a repeatable process without standing up new infrastructure per engagement.

Security and GRC leaders

Responsible for the compliance posture but not the engineering lift. Adopt threep without pulling in the platform team.

Teams that need value quickly

If self-hosting isn't practical right now, threep.cloud is the shorter path to the same evidence-backed approach.

Early access

Join the waitlist.

threep.cloud is in development. Leave your information and we'll reach out when early access opens.

You're on the list.

We'll be in touch when early access opens. In the meantime, threep.ai is open source and available today.

Explore threep.ai →

threep.ai stays open source.

threep.cloud is the managed path — but the core evidence engine remains free, open-source, and self-hostable. If you'd rather run it yourself, everything you need is on GitHub. No paywalls, no feature gaps, no dependency on us.

threep.ai GitHub