ENTERPRISE
Self-hosted AI memory for regulated industries. Open-source, Apache 2.0, local-first. Build it into your VPC. Talk to the person who wrote it.
Why self-hosted widemem
Managed memory services want your data in their cloud. If you are in healthcare, finance, or any environment where patient data, customer records, or internal knowledge can't leave your perimeter, that's a non-starter. widemem was built local-first from day one. Zero external services, zero telemetry, zero phone home. You can run the entire stack (LLM, embeddings, vector store, metadata store) inside your VPC or on air-gapped hardware.
Use cases we take seriously
YMYL-aware memory
Two-tier YMYL classifier boosts health facts to high importance and disables decay. Allergies, medications, and conditions don't get forgotten because 72 hours passed.
No data egress
Local-first storage (SQLite plus FAISS). Pair with Ollama and sentence-transformers and the whole pipeline runs inside your network. Nothing leaves your perimeter.
Air-gap compatible
Apache 2.0 source-available means your security review reads every line. Zero required external services. Ships as a Python library you embed into your own service.
What you get with a support contract
- Direct access to the person who wrote the library. No tier-1 triage, no tickets bouncing between teams.
- Compliance review help for your environment. Architecture diagrams, data flow docs, and answers to the vendor questionnaires your legal team will put in front of you. Prepared on a pilot basis, tailored to your stack.
- Priority bug fixes with a named SLA. If your production depends on it, you are at the top of the queue.
- Migration help from Mem0, Zep, Letta, or whatever you are running today. Includes an honest “this tool is better for your use case” if that's the conclusion.
- Custom provider integrations if you need a vector store, LLM, or embedding provider that widemem doesn't support today.
- Pilot with the founder at a fixed scope and timeline. Start with one production use case. Expand from there.
What you get with the Apache 2.0 library (free)
Everything. The full feature set, all providers, the whole SDK, GitHub Issues, and the blog. widemem is not a gated open-core play. Enterprise is about humans and SLAs, not features behind a paywall.
Honest scope
widemem is not itself SOC2 or HIPAA certified because it is a library, not a service. The compliance posture of your deployment is yours. A support contract gets you help navigating the review, the architecture choices, and the audit trail (get_history() gives you a full log of every add, update, and delete). It does not give you a certificate the library does not have.
See /benchmarks for measured performance vs Mem0, Zep, LangMem, and others on the LoCoMo benchmark. See /docs/self-hosting for the current deployment guide.
Pricing
Three engagement shapes. Pick the one that matches where you are. All include the full Apache 2.0 library; you are not paying for feature unlocks. You are paying for the time, the hosting, and the compliance posture.
| Tier | Price | Term | What it covers |
|---|---|---|---|
| Pilot | $7K-$15K | 30 days, fixed | Architecture review, deployment into your stack, integration with your LLM provider, two production use cases live by day 30. You keep everything when we are done. |
| Production support | $2K-$10K / mo | Annual contract | Direct access (Slack + email), named SLA on bugs, version-upgrade help, compliance-questionnaire support, monthly office hours. Tier set by memory volume and SLA latency. |
| Hosted (coming H2 2026) | From $499 / mo | Monthly | We run the deployment on HIPAA-eligible AWS. You get an API key, an audit dashboard, and the BAA chain. Self-service tiers from $499; enterprise tiers custom. |
Production-support pricing scales with three knobs: memory volume, SLA tier (best-effort / 24h / 4h), and compliance scope (none / GDPR-architecture help / HIPAA-architecture help). The $2K floor is for small deployments without a tight SLA; the $10K ceiling is for high-volume deployments needing 4-hour SLAs and active compliance review support.
Roadmap
What is shipped, what is in flight, and when the hosted offering opens. Everything below stays Apache 2.0 in the library; the engagement tiers above are how we fund the work.
Q2 2026 (now)
- pgvector backend: run widemem against any Postgres deployment (RDS, Cloud SQL, Azure Postgres, Neon, Supabase). Same library, hosted database.
- Source-message provenance design: link every fact in the audit log back to the inbound message that produced it. Issue tracked at #21.
- Framework adapters: LangChain ChatHistory, LangChain Retriever, LangGraph BaseStore. Open community issues at #22, #23, #24.
- Anthropic Claude provider: completes frontier-lab LLM coverage (OpenAI, Anthropic, Ollama). #25.
Q3 2026
- SSO / SAML adapter: enterprise-friendly authentication for the audit-log API. Open source.
- RBAC layer: per-memory and per-user-group access controls. Open source.
- SIEM export adapters: push the history log to Datadog, Splunk, or generic webhooks for compliance teams who centralize audit data. Open source.
- Postgres history store: move the audit log from SQLite to the same Postgres that holds the vectors. One database, one backup story, one BAA.
- Source-message provenance implementation (closing #21).
Q4 2026
- Hosted offering opens on HIPAA-eligible AWS. Self-service tiers from $499/mo.
- SOC 2 Type I preparation begins (audit firm engaged, controls documented).
- BAA partner list published for customers self-hosting on HIPAA-eligible AWS, GCP, or Azure regions.
2027
- SOC 2 Type II attestation completed (12 months of evidence).
- Multi-region hosted: EU and US regions with regional data residency.
- v2.0 release: architectural work informed by 2026 customer deployments.
Dates are intentions, not commitments. They move based on what customers need first. If your timeline depends on a specific item, say so in the form below; we will tell you whether the date is firm or moveable for your engagement.
Get in touch
Fill the form. I respond within one business day. The first call is 30 minutes, technical, and not a sales pitch. We figure out if widemem is the right tool for your problem. If it isn't, I'll tell you.