The data nobody should be casual about
Think about what a finished engagement actually contains: live credentials, exploit chains that work today, internal topology, and a ranked list of the fastest ways into the environment. If that leaks, you have not had a data breach — you have handed someone a pre-written one. Uploading it to a multi-tenant SaaS means it now lives on infrastructure you do not control, under a breach-notification clause you skimmed, indexed in logs you cannot see. For the single most sensitive artifact your team produces, that is a strange default to accept.
What local-first actually means
Local-first is not "we also have an on-prem option." It means the default path keeps your data on your machine and only sends what you explicitly choose to send. In Zypheron that shows up in concrete ways:
- Encrypted local storage. Findings, projects, reports, and history live in encrypted SQLite on your own disk. Close the app, reopen it, and your workspace is exactly where you left it — without a round trip to anyone's server.
- CLI artifacts under your home directory. Scans, loot, and sessions sit in ~/.zypheron, where you can read, back up, or shred them on your terms.
- No cloud sync by default. Sharing happens only when you opt in by pairing the CLI to the desktop — and even then the link is loopback-verified and the token lives in your OS keyring.
The AI question: whose model, whose key
AI is the part where "local-first" usually quietly breaks. Plenty of tools route your context through their account on their terms. Zypheron does it differently. Cloud chat uses your own Anthropic or OpenAI key, so the relationship — and the data-handling terms — is directly between you and the model provider, with no vendor sitting in the middle. And when nothing should leave the machine at all, you run a local model through Ollama. That is the real air-gap story: the copilot reasons over your findings without a single byte crossing your network boundary.
Use the cloud models when speed and capability matter and the engagement allows it. Switch to a local Ollama model for classified, air-gapped, or contractually sensitive work. Same workspace, your call per engagement.
Why this matters for compliance and contracts
Data residency is not a preference anymore; it is a clause. GDPR, sector rules, and most serious client contracts care a great deal about where sensitive data physically lives and who can touch it. A local-first tool makes that answer simple: it lives here, on this machine, and the list of third parties with access is short and explicit. Try giving that answer cleanly about a tool that silently syncs your findings to a cloud you have never audited.
The tradeoff, stated honestly
Local-first asks something of you: backups are yours to run, and effortless cross-device sync is not free the way a SaaS makes it feel. That is the deal. You trade a little convenience for the certainty that the most dangerous document you produce is not sitting on someone else's servers. For pentest data specifically, that is a trade most serious teams should take without much hesitation.
The free CLI keeps everything under ~/.zypheron; the desktop adds encrypted SQLite, the visual workspaces, and bring-your-own-key AI with an Ollama fallback. Either way, the data stays where it belongs — with you.
