DataStrict

Glossary

Container (OCI Image)

A lightweight, isolated unit that packages a process and its dependencies to run on a shared host kernel - the standard way self-hosted software like DataStrict is deployed.

A container runs a single process and its dependencies as an isolated unit on top of a shared host operating-system kernel. Linux namespaces give it a private view of processes, network, and filesystem, while cgroups cap the CPU, memory, and I/O it can consume - so it behaves as if it were alone on the machine, without the overhead of a full virtual machine.

Containers are distributed as OCI (Open Container Initiative) images: signed, immutable, content-addressed artifacts you can scan, pin by digest, and roll back. DataStrict ships as one such image, so it runs under the exact controls a platform team already applies to everything else in the estate.

All terms

Govern AI like infrastructure.

Talk to our team about deploying DataStrict across your enterprise stack.