Multi-tenant SaaS, built to outlast the contract.
Isolation, residency and key namespace enforced at the data plane — not behind a feature flag.
XIQ Venture designs and operates the platforms, key infrastructure, and integration layers that keep regulated operators online — healthcare payers, defense, public registries, and lifelong credentials.
We build the platforms, run the trust infrastructure, and connect the legacy. The five lines below are not service offerings — they are the layers of a single delivery.
Isolation, residency and key namespace enforced at the data plane — not behind a feature flag.
Roots, ceremonies and signing services run on hardware your team controls. We hand you the runbook — never the master key.
Every policy is a test. Every result is an artifact.
Mainframes and isolated networks behind typed APIs — without rewriting what works.
Residency and identity rails shift at every border. Our deploy graph knows yours.
We don't pivot between markets. We pick four where downtime carries a body count, a court order, or a stranded credential — and stay there.
Claims pipelines, prior-auth queues, capitation reconciliation, and provider-network graphs that keep moving while the regulator is reading the logs.
Read more →Identity planes, signing services, and mission UIs for environments where the network is segmented and the threat model is named. Engagements scoped under NDA.
Read more →Diplomas a relying party can verify after we're gone, the platform is gone, and the issuing university has a new logo. Cryptographic integrity, decade-scale.
Read more →Citizen identity, vital and property registries, signing rails. The system of record outlives the platform; the platform outlives the contract; we plan for both.
Read more →Every primitive we ship leaves a trail you can replay: typed inputs, signed outputs, append-only logs. Four real surfaces from production tenants — redacted, never reconstructed.
// xiq/pki — issue an institutional certificate, HSM-backed import { xiq } from "@xiq/sdk"; const cert = await xiq.pki.issue({ ca: "gov.health.root", subject: "CN=claims-api.health.gov, O=MinSalud", profile: "tls-server", hsm: "luna-7", audit: { mode: "rfc6962", retain: "10y" } }); // → cryptographic chain anchored in tenant's own root console.log(cert.serial); // 0x7f3a…c91d console.log(cert.audit); // tlog://xiq.gov/health/8421307
// W3C Verifiable Credential — academic credential, 50-year horizon { "@context": [ "https://www.w3.org/2018/credentials/v1", "https://xiq.id/contexts/edu/v2" ], "type": ["VerifiableCredential", "AcademicDegree"], "issuer": "did:xiq:edu:univ-bogota", "credentialSubject": { "id": "did:xiq:person:9c4…f02", "degree": { "type": "BachelorDegree", "name": "BSc Engineering" } }, "proof": { "type": "Ed25519Signature2020" } }
// FHIR R4 — health insurance claim, signed & logged { "resourceType": "Claim", "id": "clm_01HZX9R…7K", "status": "active", "insurer": { "reference": "Organization/insurer-22" }, "item": [ { "sequence": 1, "productOrService": { "text": "99213 Office visit" }, "unitPrice": { "value": 86.00, "currency": "USD" } } ], "meta": { "tag": [{ "code": "xiq.audit:rfc6962" }] } }
$ xiq audit tail --tenant gov.health --since 1h 2026-05-06T14:21:42Z pki.issue cert=0x7f3a…c91d subject=claims-api.health.gov 2026-05-06T14:21:43Z tlog.append entry=8421307 ca=gov.health.root 2026-05-06T14:22:01Z hsm.session luna-7 op=sign quorum=3/5 2026-05-06T14:22:09Z vc.sign cred=did:xiq:…02 issuer=univ-bogota 2026-05-06T14:23:14Z claim.submit id=clm_01HZX9R…7K status=active 2026-05-06T14:24:40Z policy.attest control=HIPAA.164.312 result=pass
Every privileged action is signed, time-stamped, and replayable. Inspectors don't ask us for evidence — they query it.
The keys that prove who you are belong to you. Our role ends at handover — then we operate under your runbook, not the other way around.
The schema, the contract, and the documentation are written for the operator who replaces us — even if she hasn't been hired yet.
Bring the mandate, the regulator, and the timeline.
We bring engineers, the runbook, and a clean handover.
No NDAs required to start a conversation.