One platform.
Four suites.
Sovereign by design.
Clario360 unifies data resilience and corporate operations on a single configurable core — one login, one audit, Arabic-first. Built once as shared services, so every application inherits the platform instead of rebuilding it.
8 of 15 applications are generally available today — 7 more on the 2026–27 roadmap.

Built for the Kingdom's regulatory bar
Clario360 maps to the frameworks Saudi institutions are audited against — and deploys where your data is required to stay.
NCA ECC
Essential Cybersecurity Controls
Aligned 2026SAMA CSF
Cyber Security Framework
Aligned 2026PDPL
Personal Data Protection Law
Aligned 2026ISO 27001
Information security management
Aligned 2026Najiz
Ministry of Justice integration
Aligned 2026ZATCA
E-invoicing (Fatoora)
Framework packs ship in-platform. Alignment reviewed 2026 — evidence available under NDA. Marks denote alignment, not certification.
Point tools don't add up to a platform
Most institutions run a dozen disconnected products. The cost isn't the licences — it's everything that has to be rebuilt around them.
Tool sprawl
A dozen point products, each with its own login, data model, and audit trail to reconcile.
The integration tax
Every new tool means brittle point-to-point integrations to build — and maintain forever.
Data leaves the Kingdom
SaaS-only vendors move regulated data offshore, outside NCA and PDPL control.
No single source of truth
No unified identity, audit or reporting across the stack — so diligence stays manual.
See the platform
Real screens from the running product — the same consoles your teams operate from day one.
Recover in minutes — and prove it to your regulator
A recovery console that turns failover into a governed, evidence-producing operation instead of a leap of faith.
- Gated failover with sealed, tamper-evident recovery points
- Drills and game-days that generate regulator-ready evidence automatically
- Sovereign replication that keeps every copy inside the Kingdom

Legal operations that speak Arabic first
A legal command center built for departments in the Kingdom — not a translation bolted onto someone else’s tool.
- One legal service desk covering eight legal services end to end
- Hijri-aware deadlines and a court calendar that never misses a hearing
- Najiz-, Nafath- and e-signature-ready integrations — sandbox-verified today

Design a process once, run it everywhere
One visual designer and one shared engine power every approval in every suite — no per-app workflow silos.
- Visual designer with approval chains and four-eyes controls
- 75+ prebuilt templates for the processes enterprises actually run
- One engine shared by every suite — model once, reuse everywhere

See everything — without your data leaving the Kingdom
Security operations and executive intelligence, running on the same sovereign data plane.
- A SOC with detections mapped to MITRE ATT&CK out of the box
- Risk heatmaps and exposure scoring across your whole estate
- Executive dashboards on the same data — no exports, no copies

Four suites, built on one core
Each suite is a family of applications that share the platform — so capability compounds across resilience, operations, security and analytics, and you never pay to build the same thing twice.
DataStream Suite
Data resilience and mobility — four applications on one Go replication core.

ClarioDR الاستعادة GA
Failover & recovery
Sovereign failover, drawn end to end — immutable, ransomware-safe recovery points with one-click, audit-grade drills.
Learn moreClarioMigration الترحيل Roadmap
Move workloads anywhere
Anywhere to anywhere, gated and reversible — hyperscalers migrate you in; Clario migrates you anywhere, including back.
Learn moreClarioSync المزامنة Roadmap
CDC ≤ 10 s
Change data capture at ≤10 seconds — flat, predictable pricing. The engine meters rows for visibility, never for billing surprises.
Learn moreClarioDWH المستودع Roadmap
Sovereign lakehouse
The sovereign lakehouse everything feeds — bronze keeps the truth, silver keeps the standard, gold keeps the answers.
Learn moreBusiness+ Suite
Corporate operations in NestJS — Arabic-first, workflow-powered, event-connected.

WatheeqTech وثيقتك GA
Legal & contracts
Legal operations, Arabic-native — the architecture treats the Arabic document as the primary artifact, not a translation.
Learn moreMahamaTech مهامتك Roadmap
Projects & delivery
Delivery tied to strategy and risk — a task is never an island; it traces up to an OKR and sideways to a risk, automatically.
Learn moreEHKAM إحكام Roadmap
Risk & compliance
GRC with the frameworks pre-loaded — one control, many frameworks; evidence collected once satisfies every mapped regulation.
Learn moreBOSALAH بوصلة Roadmap
Strategy & board
The executive layer everything feeds — it writes almost nothing of its own; it is the read-model of the whole platform, which is its power.
Learn moreActa المجالس GA
Board & committee governance
Run boards and committees properly — committees, meetings, minutes and action items, tracked to closure.
Learn moreClarioSec
Security operations, threat intelligence and cyber programs — one sovereign console, Arabic-first.

CTEM إدارة التعرض GA
Continuous threat exposure management
Continuously find, prioritise and close exposures before they become incidents — assessment to remediation, gated and tracked.
Learn moreDSPM وضع أمن البيانات GA
Data security posture management
Find sensitive data, see who can reach it, and fix the exposure — data assets, policies, access control and compliance in one place.
Learn moreUEBA تحليل السلوك Roadmap
User & entity behaviour analytics
Detect the threats signatures miss — baseline normal behaviour for users and entities, then surface the anomalies that matter.
Learn moreClarioVCISO مدير الأمن الافتراضي GA
Virtual CISO
A virtual CISO that runs the security programme — risk register, policies, third-party risk, evidence, maturity and incident readiness, with AI briefings.
Learn moreClarioInsight
Data intelligence and analytics — pipelines, quality and dark-data discovery, surfaced as live dashboards.

Data Intelligence ذكاء البيانات GA
Sources, models, pipelines & quality
Govern data end to end — sources, models, pipelines, quality and dark-data discovery, with contradiction detection built in.
Learn moreVisus Dashboards لوحات المعلومات GA
Dashboards, KPIs, reports & alerts
Live dashboards, KPIs, reports and alerts — the reporting surface every team reads, fed by governed data.
Learn moreReady to see it on your own data?
A guided demo on a sovereign deployment — mapped to your frameworks and workflows.
Your data never has to leave the Kingdom
Sovereignty isn't a deployment option bolted on at the end — it's the constraint every component is built to. No cloud-only dependencies, anywhere in the stack.
- In-Kingdom data residency by default
- Air-gapped and classified-environment ready
- Bring-your-own-key (BYOK) — you hold the root of trust
- Full audit trail inside your own tenant
- Static binaries — no external calls required to run
One core. Adopt at your pace.
Everything runs on shared services, so you start small and compound — without re-platforming.
Begin with one suite or the whole platform. The full core ships with any of them.
Managed SaaS in-Kingdom, in your own data centre, or fully air-gapped — one codebase.
Workflows, forms, integrations and automation are admin-configured, not redeployed.
Apps share identity, audit and the event bus, so every addition makes the rest stronger.
Six principles every part of the platform obeys
These are not slogans — they are architectural constraints. Each one removes a category of cost, lock-in, or duplication before it can take root.
Platform-First
Shared services built once — every app consumes, none re-implements.
Config Over Code
Workflows, forms, integrations and automation are admin-configured, not redeployed.
Contract-First APIs
OpenAPI / protobuf contracts precede code; versioned, generated, enforced at the gateway.
Event-Driven Core
Suites integrate through the event bus — no direct cross-suite coupling.
Sovereign by Design
Every component deploys SaaS, on-prem and air-gapped — no cloud-only dependencies.
Arabic-First UX
RTL/LTR and bilingual content are platform concerns, solved once in the shared shell.
Three deployment worlds, one codebase
No cloud-only dependencies anywhere in the stack. The same components run as managed SaaS, inside your data centre, or in a fully disconnected environment.
SaaS
Fully managed in a sovereign region. Fastest to value, with Clario360 operating the platform for you.
- In-Kingdom hosting
- Managed upgrades & SLOs
- Elastic by tenant
On-premise
Runs inside your own data centre under your control, using the identical components as the managed service.
- Your infrastructure
- Your operations team
- Same codebase as SaaS
Air-gapped
A static-binary core with no cloud-only dependencies, deployable into fully disconnected, classified environments.
- No external calls required
- Static binaries, portable
- Classified-environment ready
Compliance is built in, not bolted on
The controls auditors ask for are platform features — shared once, inherited by every application.
Framework packs
NCA ECC, SAMA CSF, PDPL and ISO 27001 mappings ship in-platform and stay current.
One audit trail
Every action across every suite writes to a single, tamper-evident audit log.
Identity & access
Shared IAM with SSO, RBAC and separation-of-duties enforced at the gateway.
Encryption & keys
Data encrypted in transit and at rest, with BYOK and customer-managed key options.
Fits the stack you already run
Identity, government services, data stores, and event streams connect over open, documented interfaces — no rip-and-replace, no proprietary lock-in.
Government-gated connectors (Nafath, Najiz, emdha) ship sandbox-first and are enabled per tenant once official credentials are issued.
One platform, not a stack of point tools
Model the difference between licensing and integrating a dozen products versus running one core. Illustrative — we'll build a costed model for your environment.
Illustrative model for comparison only — not a quote. It assumes a per-tool licence baseline, per-user scaling, and ongoing integration maintenance that a unified platform removes. We’ll build a costed model for your environment on request.
Licensed by suite, priced for the institution
Flat and predictable — by suite and deployment model, never per seat. Every configuration includes the full platform core.
Trial
Self-serve selected products on the shared trial plan.
Suite
One suite and its full application family on the complete core.
Platform
All four suites, every application, cross-suite event flows.
Sovereign
Dedicated sovereign infrastructure with bespoke assurance.
Common questions
One sovereign enterprise platform: four product suites and a shared core of platform engines, under one login and one audit trail — built Arabic-first.
8 of 15 applications are generally available now; the remaining 7 are on the 2026–27 roadmap. Every plan includes the full platform core of 12 shared engines.
Yes. The core is a set of static binaries with no cloud-only dependencies, so the identical components run as managed SaaS, on-premise, or in a fully disconnected environment.
In-Kingdom by default, on infrastructure you approve. Bring-your-own-key encryption keeps the root of trust in your hands.
Yes — most institutions begin with one suite and add others later. The full platform core comes with any of them.
By suite and deployment model, not per seat — flat and predictable, with no consumption surprises. Air-gapped deployments are scoped with you directly.
One sovereign platform. Every critical operation.
See resilience, legal, security, and insight working together — a guided demo on your scenarios, in English or Arabic.


