AI RUNTIME + AGENT OPERATING CLOUD

The AI cloud.
Built different.

Five AI runtimes, a global edge network with WAF and Redis CDN, multi-environment GPU deployments, managed database, and zero-credential BRICQS Identity security — all in one platform. No shared infrastructure, ever.

5
AI runtimes
3
Deploy environments
WAF
+ Bot + Geo-IP + CDN
0
Shared tenant infra
console.bricqs.cloud
PLATFORM STATUS
llama-3-8b-chat
GPU · production
Running
llama-3-8b-chat
GPU · preview
Running
support-agent
Agent · Anthropic
Active
docs-qa
RAG · 12 docs
Active
bricqs-edge
Edge · WAF+Redis active
Live
EDGE NETWORK ·, West region
WAF
Active
Bot block
On
Redis CDN
Hit
BRICQS PLATFORM CAPABILITIES
Edge Network
WAF + Bot Protection
Redis CDN Cache
GPU Runtime
Domains + SSL
BRICQS Identity
BRICQS Monitor
Managed managed SQL database
CI/CD Automation
GLOBAL EDGE NETWORK

WAF. Bot scoring.
Geo-IP routing.
Redis CDN cache.

Every domain on BRICQS is served through a real edge router — not a CDN integration, the actual traffic path. 9 OWASP WAF rule categories, multi-signal bot scoring, RIR-delegated geo-IP (259,824 IPv4 ranges), and a Redis CDN cache authenticated exclusively via BRICQS Identity — zero stored credentials.

OWASP Top 9 managed WAF rulesets — SQLi, XSS, RFI, path traversal, PHP/Apache/IIS injection
Multi-signal bot scoring: path heuristics, rate-per-IP, user-agent fingerprints, reputation lists
259,824 IPv4 ranges from ARIN/RIPE/APNIC/LACNIC/AFRINIC for real geo-IP routing
Redis CDN cache authenticated via BRICQS Identity — no passwords, no stored access keys
Real cache hit ratio in BRICQS Monitor BRICQS Monitor · Purge by path or prefix via API
Read edge docs
WAF Firewall
9 OWASP rule categories
SQLi, XSS, RFI, path traversal
PHP, Apache, IIS injection rules
Auto-block + log on match
Bot Protection
Multi-signal scoring
Rate-per-IP + path heuristics
Known bad UA fingerprints
IP reputation lists
Geo-IP Routing
ARIN/RIPE/APNIC/LACNIC/AFRINIC
259,824 IPv4 ranges
Country-level request tagging
Binary packed, ~2.5 MB
Redis CDN Cache
BRICQS Identity auth
Zero stored credentials
Cache-hit ratio in Monitor
Purge by path or prefix
AI RUNTIMES

Five runtimes.
A real cloud platform underneath.

Pick the execution model your AI application needs. Each one is a real, working backend — not a roadmap item.

GATEWAY
LLM API

Connect OpenAI, Anthropic, or Google. One unified OpenAI-shaped endpoint — switch providers without touching app code.

Key in your org vaultOpenAI-compatibleProvider-agnostic
CONTAINERS
GPU

Deploy open models to a real, dedicated GPU container. Development, preview, and production environments with real BRICQS Monitor metrics.

LLaMA, Mistral, Phi-3Dev/preview/prodCPU/mem/GPU% live
TOOL USE
Agent

A tool-using reasoning loop with calculator and web-fetch tools. Up to 6 steps with the full trace returned.

Sandboxed toolsFull trace returnedAnthropic-backed
RETRIEVAL
RAG

Upload documents, get grounded answers via vector similarity search. PDF, DOCX, TXT.

vector searchPDF/DOCX/TXTChunk + embed
PIPELINES
Workflow

Chain prompt-template steps with templated input/output. Cross-runtime — call a GPU deployment or RAG index from any step.

{{input}}/{{previous}}Cross-runtime stepsStep-by-step log
INFRASTRUCTURE

Real databases. Real deployments.
Real observability.

BRICQS provisions and operates cloud infrastructure directly — not wrappers, the actual resources. Vercel, Railway, and comparable functionality, built into one AI-native platform.

MANAGED POSTGRES
Databases

Provision a real, dedicated managed SQL database server. Table editor, SQL editor, saved queries, compute-tier picker, and GitHub-driven schema migrations on push.

Real managed databaseGitHub migrationsvector search built-in
3 ENVIRONMENTS
Deployments

Development, preview, and production environments per deployment. Zero-downtime promote: new production is confirmed running before the old one retires.

Dev/preview/prodZero-downtime promoteAudit-log backed
BRICQS MONITOR
Monitoring

Real CPU%, memory%, GPU utilization%, request count, and response time from BRICQS Monitor for every deployment — no app-level instrumentation required.

Live CPU/mem/GPU%Real request latencyZero-config telemetry
AUTOMATED
CI/CD

Trivy filesystem + per-image CVE scan, pip-audit, npm audit, and idempotent schema migrations — all automated on every push. No manual SQL steps.

Trivy CVE scan in CIAuto migrationsnpm + pip audit
DOMAINS

Register. Manage. Secure.
Route with WAF + CDN.

BRICQS is a full domain platform — not a CNAME-point-and-pray integration. Search and purchase domains via BRICQS Registrar, manage real DNS records, issue BRICQS SSL certificates (DNS-01 challenge, wildcard support), and route traffic through the edge router with WAF, bot protection, and Redis CDN cache — all from one console.

Domain search, purchase, transfer — BRICQS Registrar
Real DNS management: add/delete/import records, DNS snapshots + restore
Let's Encrypt TLS: DNS-01 challenge, wildcard certs, auto-bind to Container App
Edge rules: custom routing, redirects (301/302/307/308), maintenance mode
Security checks: CAA, DNSSEC, HSTS, cert transparency, email health (MX/SPF/DKIM/DMARC)
Edge analytics: real requests, bandwidth, threats, latency, cache hit ratio per domain
AI-assisted DNS: suggest records based on your deployment context
Multi-tenant wildcard routing: onboard subdomains through the edge router
Domain Registrar

Search availability, purchase, transfer, and manage registrant profiles. Real WHOIS. Powered by BRICQS Registrar..

SSL / TLS

Automated TLS — DNS-01 challenge with wildcard support. Cert bound to your Container App automatically.

DNS Management

A/AAAA/CNAME/MX/TXT records, DNS templates, snapshots with full restore, and AI-assisted suggestions.

Edge Rules + Redirects

Custom routing rules, 301/302/307/308 redirects, maintenance mode, and cache purge by path.

Domain Analytics

Real requests, bandwidth, threats blocked, avg latency, top countries, status distribution — from BRICQS Monitor BRICQS Monitor.

Security Checks

CAA records, DNSSEC, HSTS auto-set, cert transparency log, email health (SPF/DKIM/DMARC).

ZERO-CREDENTIAL SECURITY

BRICQS Identity.
No passwords.
No secrets stored.

BRICQS edge services authenticate to Redis using BRICQS Identity — short-lived short-lived identity tokens, auto-refreshed every 40 minutes, no access keys anywhere. Redis runs in zero-credential mode: access keys are permanently disabled at the platform level.

BRICQS Identity

System-assigned identity on Container Apps. Token from BRICQS identity credential, identity claim decoded from token.

zero-credential cache

key-based auth disabled at the platform level — permanently. No fallback password path exists at the infrastructure level.

Encrypted secrets

Purge tokens and service credentials stored as encrypted Container App secrets via BRICQS secret store + secretref.

Zero stored creds

No passwords in env vars, no keys in code. The only auth path is a BRICQS-issued identity token with a 1-hour TTL.

BRICQS Identity auth flow
# 1. Get identity token — no password needed
cred = BRICQS identity credential()
token = await cred.get_token(
"the cache service scope"
)
# 2. Decode oid from JWT — no metadata call
payload = base64url_decode(token[1])
oid = payload["oid"]
# 3. Connect — Redis validates via BRICQS Identity
redis = AsyncRedis(
identity token credentials.token,
port=6380, ssl=True
)
✓ connected via managed identity
Token refresh every 40 min · Access keys permanently disabled
PLATFORM

Dedicated infrastructure. Not a shared multi-tenant pool.

Every organization gets its own dedicated BRICQS Storage account and secrets vault. Your secrets never share infrastructure with another tenant. Provider API keys live in your vault — the database never holds the real value.

Read the docs →
Dedicated per org

A real, separate storage account and secrets vault provisioned for every organization — automatically at signup.

Secrets isolation

Provider API keys live in your org's own dedicated vault. managed SQL database never holds the real value — only a reference.

Real GPU containers

GPU Runtime deploys to actual dedicated containers on BRICQS Compute with a real promote flow — not a simulated status.

3-environment model

Development, preview, and production run simultaneously as separate BRICQS Compute — each independently billed and provisioned.

BRICQS Monitor metrics

CPU%, memory%, GPU%, request count, and response time from real BRICQS Monitor APIs — no instrumentation needed in your app.

Quota guardrails

Hard caps on concurrent GPU deployments and daily runtime calls — enforced server-side, billing-tier-aware as Stripe goes live.

bricqs-pipeline.yml — CI/CD pipeline
# Security gates run on every push
Security:
- trivy fs . --severity HIGH,CRITICAL
- pip-audit --strict
- npm audit --audit-level=high
BuildAndPushImages:
- docker build + push (api, web, edge)
- trivy image scan per image
ApplyMigrations:
- migrate.sh (idempotent, tracked)
ApprovalGate → Deploy → SmokeTest
✓ All steps automated. No manual SQL.
CI/CD AUTOMATION

Every step automated.
Zero manual SQL.

BRICQS runs a fully automated CI/CD pipeline on every main-branch push: Trivy filesystem + per-image CVE scanning, pip-audit and npm audit dependency checks, idempotent schema migrations tracked in schema_migrations, and automated smoke tests — before any deployment gate can open.

Trivy CVE scanpip-auditnpm auditIdempotent migrationsSmoke testsApproval gate
PRICING

Plans, designed for where you are

Free to start. Paid billing is launching soon — these limits are enforced today.

Free
$0/month
For builders & prototypes
2 concurrent GPU deployments
200 runtime calls/day
Dedicated Storage + Vault
Edge network + WAF included
Community support
Get started free
Pro
Coming soon
For growing AI teams
10 concurrent GPU deployments
5,000 runtime calls/day
Priority support
Full edge analytics
Billing launches soon
Join the waitlist
Enterprise
Contact us
Large-scale AI infrastructure
Custom GPU + call limits
Dedicated infrastructure
Edge network SLA
SSO discussion available
Direct support channel
Contact sales

Build your first AI app today.

Dedicated infrastructure. Global edge. zero-credential identity security. No card required.

Start free — no card required →Talk to us