# Astra

> Astra tokenizes sensitive PHI, PCI, and PII data before AI agents ever see it, enabling full HIPAA/PCI/GDPR compliance with zero data exposure in under 50ms.

Astra is a drop-in data protection layer for AI agents that tokenizes sensitive data — PHI, PCI, and PII — before it ever reaches a language model. Enterprises can deploy AI agents on sensitive healthcare, financial, and personal data with zero raw data exposure, achieving HIPAA, PCI-DSS, and GDPR compliance in as few as three API calls. The SDK wraps any existing agent framework with `BlindAgentMiddleware`, requiring no infrastructure changes or config files. Astra supports Cloud, Hybrid (Vault in your VPC), and Air-Gap (fully on-premise) deployment modes.

- **Data Tokenization** — *Astra scans and classifies incoming data, replacing PHI/PCI/PII fields with type-aware tokens like `[PATIENT_NAME]` and `[CARD_NUMBER]` in under 50ms, so agents always know the data type but never the real value.*
- **Blind Agent Reasoning** — *AI agents receive typed tokens and reason with full semantic context without ever seeing raw SSNs, credit card numbers, or medical records.*
- **Vault Resolution & Execution** — *When action is required, the Astra Vault resolves tokens and executes — running inside your VPC in Hybrid/Air-Gap mode so Astra the company never holds your decryption keys.*
- **Drop-in SDK Integration** — *Install via `pip install codeastra`, wrap your agent with `BlindAgentMiddleware`, and call `.run()` — one dependency, no config files, no infrastructure setup.*
- **Multi-Framework Compatibility** — *Works with any agent framework; auto-classifies and auto-tokenizes before the LLM call.*
- **HIPAA Compliance** — *BAA available; detects and tokenizes all 18 PHI identifiers.*
- **PCI-DSS Support** — *Luhn-validated card detection; tokens never leave your VPC.*
- **Zero Logging** — *No raw data is stored, cached, or logged at any point.*
- **SOC 2 Aligned** — *Immutable audit trail on every API call.*
- **Flexible Deployment** — *Choose Cloud (fully hosted), Hybrid (Vault in your VPC), or Air-Gap (fully on-premise with local LLM via Ollama) to match your compliance requirements.*

## Features
- PHI/PCI/PII tokenization
- Type-aware tokens
- BlindAgentMiddleware SDK
- Vault-based token resolution
- HIPAA compliance with BAA
- PCI-DSS support
- GDPR compliance
- Zero raw data logging
- SOC 2 aligned audit trail
- Cloud deployment
- Hybrid VPC deployment
- Air-Gap on-premise deployment
- Local LLM support via Ollama
- Under 50ms latency
- 3-call integration

## Integrations
Ollama, Any LLM/agent framework

## Platforms
API, CLI, DEVELOPER_SDK

## Pricing
Freemium — Free tier available with paid upgrades

## Links
- Website: https://codeastra.dev
- Documentation: https://codeastra.dev/docs
- EveryDev.ai: https://www.everydev.ai/tools/codeastra