# VSHN Application Catalog

> VSHN Application Catalog: managed databases, identity, and platform services on your private cloud. One contract, one ops team, Swiss operations, ISO 27001.


One contract. One ops team. Databases, identity, secrets, and platform services. All fully managed on your private cloud infrastructure. VSHN operates your entire open-source application stack so your engineers build products, not platform.


## Pages

- [Homepage](https://www.appcat.ch/): Managed Open-Source Services on Private Cloud | VSHN AppCat
- [Partner with VSHN on the Application Catalog | VSHN](https://www.appcat.ch/partners.md)
- [Application Catalog Sovereignty — Swiss Managed Services | VSHN](https://www.appcat.ch/sovereignty.md)

## Trusted by Swiss organizations

- [Finnova](https://www.vshn.ch/en/success-stories/finnova/)
- [acrevis](https://www.vshn.ch/en/success-stories/acrevis/)
- [HRM Systems](https://www.vshn.ch/en/vshn-partner/hrm-systems/)
- [Schweizerisches Bundesarchiv BAR](https://www.vshn.ch/en/success-stories/schweizerisches-bundesarchiv-bar/)
- [HIN](https://www.vshn.ch/en/success-stories/hin-health-info-net/)
- [Taurus](https://www.vshn.ch/en/success-stories/taurus/)

## Testimonials

> We set the bar very high in terms of data. No financial compensation could ever make up for leaked medical information.

> — Mohammad Alavi, CTO, Health Info Net

> We reduced monthly incidents from twelve to zero and improved our SLA from 99% to 100%. We wanted a Red Hat partner as a single point of contact for our Red Hat technology. We had worked with VSHN before and had full trust in them.

> — Sebastien Pasche, VP Engineering, Taurus

> Providing such a scalable OpenShift platform promptly ourselves would have meant substantial pre-investment and time for building a corresponding team. For us, it has proved to be the most effective, efficient and secure way of not establishing this service in-house.

> — Daniel Bernasconi, CTO, Finnova

## Application Catalog FAQ

### What is the VSHN Application Catalog?

The Application Catalog is VSHN's portfolio of fully managed open-source services: databases, identity management, secrets, and platform tooling. Each service is operated 24/7 by VSHN engineers on your private cloud or on Swiss public cloud infrastructure, with automated backups, monitoring, and patching included.


### Which infrastructure does the Application Catalog support?

VSHN operates AppCat services on any Kubernetes-based platform: on-premises OpenShift, private cloud clusters, or dedicated nodes on Swiss providers like cloudscale.ch and Exoscale. You choose where your data lives. VSHN handles operations regardless of the underlying infrastructure.


### How does pricing work for enterprise deployments?

Enterprise pricing is based on the services you need, the SLA tier you require, and the operational complexity of your environment. VSHN provides a custom quote after an initial architecture assessment. There are no per-user fees or usage-based surprises. Pricing is predictable and monthly.


### How does onboarding work?

Onboarding starts with an architecture assessment where VSHN maps your current infrastructure and service requirements. We then provision services on your target platform, configure monitoring and backup policies, run validation tests, and hand over access to your development teams. Typical onboarding takes two to four weeks depending on complexity.


### What SLA does VSHN guarantee?

VSHN offers up to 99.99% SLA availability depending on the service and deployment topology. SLAs cover the managed service layer. The underlying infrastructure is covered by your cloud or on-premises provider. SLA credits apply automatically when targets are missed.


### Is the Application Catalog compliant with FINMA, DORA, and NIS2?

VSHN is ISO 27001 certified since 2014 and operates exclusively from Switzerland with Swiss staff. AppCat deployments on private cloud infrastructure meet the outsourcing requirements of FINMA Circular 2018/3, the ICT third-party risk management provisions of the EU Digital Operational Resilience Act (DORA), and the supply chain security requirements of the NIS2 Directive. VSHN provides audit documentation on request.


### Can I start with one service and add more later?

Yes. Most customers start with one or two services, typically a managed database or Keycloak, and expand as needs grow. Adding a new service to an existing AppCat contract is straightforward because VSHN already operates on your infrastructure and understands your environment.


### How is the Application Catalog different from Servala?

Servala is VSHN's self-service platform for deploying managed services on sovereign Swiss public cloud with a few clicks. Ideal for startups and small teams. The Application Catalog targets enterprises that need managed services on their own private cloud infrastructure, with custom SLAs, dedicated support, and white-glove onboarding.


### What happens if we want to leave?

Every service in the Application Catalog is open source with standard APIs and data formats. Your data, configuration, and backups are always accessible. VSHN provides an offboarding runbook for each service so your team or a new provider can take over operations without data loss or extended downtime.


## Start with an architecture assessment

Tell us about your infrastructure and the services you need. We'll map out how the Application Catalog fits your environment and provide a custom proposal.


Booking: #contact

## Services

- **Subheading**: Every service is fully managed by VSHN engineers: provisioned, patched, backed up, and monitored around the clock. Pick what you need, or let us manage the full stack.


## Why Vshn

- **One contract, full stack**: A single SLA covers your databases, identity services, secrets management, and platform tooling. One vendor, one ops team, one invoice. No juggling five managed service providers.

- **Your infrastructure, our operations**: VSHN operates on your private cloud, on-premises OpenShift, or dedicated nodes on cloudscale.ch and Exoscale. Your data stays on infrastructure you control. No shared tenancy, no hyperscaler lock-in.

- **Swiss operations, certified since 2014**: ISO 27001 certified since 2014. All operations staff are based in Switzerland. No subcontracting to offshore teams. FINMA Circular 2018/3, EU DORA, and NIS2 audit-ready.

- **Standardized operations, not consulting**: 86% of VSHN's revenue is recurring monthly operations, not project-based consulting. You get a productized service with 24/7 on-call, patching, and upgrades at a fraction of the cost of three to five platform engineers (CHF 450K–750K/year). VSHN complements your consulting partners, not competes with them.

- **Open source, vendor-backed**: Every service in the catalog is open source with standard APIs and data formats. Where available, VSHN provides vendor or consulting company-backed support subscriptions (e.g. EDB for PostgreSQL, Inventage for Keycloak). If you leave, your data and configuration come with you.

- **Graduation path from self-service**: Start with Servala self-service for quick deployments. When compliance or scale requirements grow, graduate to VSHN-managed services on private cloud. Same technology, higher touch.


## Sovereignty

- **Body**: Swiss company, Swiss data centers, Swiss operations staff. No US Cloud Act exposure. ISO 27001 certified since 2014. FINMA, DORA, and NIS2 audit-ready. Every AppCat service runs on infrastructure you choose: on-premises, Swiss public cloud, or hybrid.

- **Cta Label**: Read our sovereignty assessment
- **Cta Url**: /sovereignty/

## Comparison

---

## Partner with VSHN on the Application Catalog | VSHN

# Partner with VSHN on the Application Catalog

You bring the customer relationship and project expertise: architecture consulting, application integration, data migration, compliance advisory. VSHN brings 24/7 managed operations for 15+ open-source services, Swiss data residency, and SLAs up to 99.99%. Together you deliver a full managed stack without either side building capabilities you don't have.

## Why this works

VSHN is not a consulting company. 86% of our revenue is recurring monthly operations. We don't compete with your project business. You deliver the transformation, we keep the lights on.

- **No competition**: VSHN sells standardized operations, not consulting engagements
- **Recurring value**: Your customer stays on VSHN operations, and you stay the trusted advisor
- **Full stack**: Databases, identity, secrets, platform, and AI/ML services, all operated by one team

## How we collaborate

**Lead Partner model.** For each project, one of us is the customer's single point of contact. Who leads depends on the project, agreed per engagement. The Lead Partner drives the project, handles invoicing, and owns first-level support.

**Joint delivery.** You handle consulting, integration, and project management. VSHN handles infrastructure operations, monitoring, backups, and SLA. Roles are agreed per engagement, not locked into a rigid structure.

**Flexible billing.** Invoice the customer together or separately, agreed per project. Both models are supported: each party invoices their share directly, or one party invoices the full amount and redistributes.

**Protected relationships.** No undercutting. Your customer stays your customer. Existing relationships are respected on both sides, with contractual protections for both parties.

## Division of labor for the Application Catalog

| Your role | VSHN's role |
|-----------|-------------|
| Architecture consulting and design | 24/7 service operations |
| Application integration | Monitoring, alerting, incident response |
| Data migration and onboarding | Automated backups and disaster recovery |
| Compliance advisory and audit support | Security patching and upgrades |
| Project management and customer relationship | SLA management with up to 99.99% availability |

## What you can offer your customers with VSHN

- **Managed databases**: PostgreSQL, EDB, MariaDB, Redis, RabbitMQ
- **Identity and security**: Keycloak (with Inventage), OpenBao
- **Development platforms**: GitLab, Forgejo
- **Infrastructure**: OpenShift, Kubernetes, Crossplane, NGINX, Varnish
- **AI/ML operations**: vLLM, LiteLLM, LLMOps

All services run on the customer's infrastructure (on-premises, cloudscale.ch, Exoscale) with Swiss operations.

## Partners delivering with VSHN

**[tim&koko](https://tim-koko.ch)**. Cloud consulting firm delivering container migrations and CI/CD pipeline design on VSHN-operated infrastructure.

**[Puzzle](https://puzzle.ch)**. Software company with 140+ employees. Provides cloud-native consulting and DevOps transformation alongside VSHN managed services.

**[bespinian](https://bespinian.io)**. Cloud-native consulting firm focused on Kubernetes and application delivery.

See all VSHN partners at [servala.com/partners](https://servala.com/partners/).

## Become a partner

Interested in delivering managed open-source services together? Let's explore how we complement each other.

[Book a partnership discovery call](https://aarno.cal.vs.hn/15-appcat) or [start a partnership conversation](#contact).


---

## Application Catalog Sovereignty — Swiss Managed Services | VSHN

# Application Catalog Sovereignty: Your Stack, Your Infrastructure, Swiss Operations

When you outsource your database, identity provider, secrets manager, and platform tooling to a single vendor, that vendor holds the keys to your entire application stack. Jurisdiction, data residency, and operational control matter more for a full-stack engagement than for any single service.

US hyperscaler managed services (AWS RDS, Azure Database, Google Cloud SQL, Amazon ElastiCache, Azure AD) run on US-owned infrastructure under US law. The [CLOUD Act](https://en.wikipedia.org/wiki/CLOUD_Act) allows US authorities to access your data without Swiss judicial process, regardless of which region you select.

The VSHN Application Catalog runs every service on infrastructure you choose: on-premises, Swiss public cloud (cloudscale.ch, Exoscale), or hybrid. Your data never leaves your control.

## Why the Application Catalog is a strong choice for sovereignty

- **Infrastructure-agnostic**: You choose the provider. VSHN operates on your Kubernetes cluster, not on shared multi-tenant infrastructure
- **100% open source**: Every service (PostgreSQL, MariaDB, Redis, Keycloak, OpenBao, Forgejo, Crossplane, NGINX, Varnish, vLLM, LiteLLM) is open source with standard APIs
- **No vendor lock-in**: Standard protocols, standard data formats. If you leave, your data and configuration come with you
- **Swiss operations**: All operations staff are based in Switzerland. No offshoring, no subcontracting
- **Single contract**: One SLA, one vendor, one legal relationship under Swiss law

## Managed services sovereignty compared

| Dimension | AWS Managed Services | Azure Managed Services | GCP Managed Services | VSHN Application Catalog |
|-----------|---------------------|----------------------|---------------------|------------------------|
| **Ownership** | Amazon (USA) | Microsoft (USA) | Google (USA) | VSHN AG (Switzerland) |
| **Governing law** | US law | US law | US law | Swiss law |
| **CLOUD Act** | Exposed | Exposed | Exposed | Not exposed |
| **Data location** | Configurable (EU regions) | Configurable (EU regions) | Configurable (EU regions) | Switzerland or your DC |
| **Source code** | Proprietary service layer | Proprietary service layer | Proprietary service layer | 100% open source |
| **Infrastructure choice** | AWS only | Azure only | GCP only | Customer chooses provider |
| **Operations team** | USA | USA | USA | Switzerland ([Swiss-only option](https://products.vshn.ch/support_plans.html#_option_switzerland_only_support)) |
| **Certifications** | SOC 2 | SOC 2, ISO 27001 | SOC 2 | [ISO 27001](https://www.vshn.ch/wp-content/uploads/2025/12/ISO-27001-certificate-VSHN-2024.pdf), ISAE 3402 Type II |

## Compliance and regulatory readiness

VSHN is ISO 27001 certified since 2014 and operates exclusively from Switzerland with Swiss staff. AppCat deployments on private cloud infrastructure support:

- **FINMA Circular 2018/3**: Outsourcing requirements for Swiss financial institutions. VSHN provides audit documentation, Swiss-only operations, and contractual commitments for regulated customers
- **EU DORA** (Digital Operational Resilience Act): ICT third-party risk management provisions. AppCat on private cloud meets DORA's requirements for critical ICT service providers
- **NIS2 Directive**: Supply chain security requirements for essential and important entities. VSHN's ISO 27001 controls map to NIS2 Article 21 requirements
- **GDPR / Swiss DPA**: Swiss data residency by default. EU adequacy decision covers Swiss-EU data transfers

## VSHN sovereignty self-assessment

We applied the EU's [Cloud Sovereignty Framework](https://commission.europa.eu/document/09579818-64a6-4dd5-9577-446ab6219113_en) (v1.2.1, October 2025) to our own services. This framework was used to score providers in the EU's [EUR 180M sovereign cloud tender](https://ec.europa.eu/commission/presscorner/detail/en/ip_26_833) in April 2026. Three pure-European providers achieved SEAL-3, while a consortium involving Google Cloud scored only SEAL-2.

*This is a self-assessment, not a formal SEAL certification. We publish it for transparency so customers can evaluate our sovereignty profile using the same structured criteria the EU uses.*

| # | Dimension | Weight | Assessment | Evidence |
|---|-----------|--------|-----------|----------|
| SOV-1 | Strategic | 15% | **Strong** | Swiss AG, no foreign parent, all shareholders Swiss citizens ([Commercial Register](https://zh.chregister.ch/cr-portal/auszug/auszug.xhtml?uid=CHE-275.566.226)) |
| SOV-2 | Legal | 10% | **Strong** | Swiss law ([GTC](https://products.vshn.ch/legal/gtc_en.html)), no CLOUD Act, [EU adequacy decision](https://commission.europa.eu/law/law-topic/data-protection/international-dimension-data-protection/adequacy-decisions_en) |
| SOV-3 | Data & AI | 10% | **Strong** | Swiss DCs by default. Customer chooses infrastructure provider. Sovereign key management via [Managed OpenBao](https://www.openbao.ch) + [Swiss HSM](https://cloud.securosys.com/cloudhsm) |
| SOV-4 | Operational | 15% | **Strong** | Swiss 24/7 ops, [Swiss-only support option](https://products.vshn.ch/support_plans.html#_option_switzerland_only_support). All services on vanilla Kubernetes |
| SOV-5 | Supply Chain | 20% | **Strong** | Infrastructure-agnostic — [customer chooses provider](https://servala.com/providers/). Open-source software |
| SOV-6 | Technology | 15% | **Strong** | 100% open source. VSHN contributes to [K8up](https://github.com/k8up-io) (CNCF), [Crossplane providers](https://github.com/vshn), [Project Syn](https://github.com/projectsyn) |
| SOV-7 | Security | 10% | **Strong** | [ISO 27001](https://www.vshn.ch/wp-content/uploads/2025/12/ISO-27001-certificate-VSHN-2024.pdf), ISAE 3402 Type II, Swiss SOC. [FINMA-regulated customers](https://www.vshn.ch/en/solutions/solutions-for-banks-and-financial-service-providers/) |
| SOV-8 | Environmental | 5% | **Moderate** | DC operators: Green Datacenter AG (ISO 22301/27001/27701), [Exoscale sustainability](https://www.exoscale.com/sustainability/). [VSHN CSR policy](https://handbook.vshn.ch/corporate_social_responsibility_policy.html) |

**Overall: SEAL-3 equivalent**, the same level achieved by the winners of the EU's own sovereignty tender. No provider worldwide achieved SEAL-4: it requires fully EU/EEA-sourced hardware supply chains and open-source foundations, structural gaps shared by every cloud provider.

Try Swiss infrastructure: [Servala](https://www.servala.com) (managed services, free trial), [Exoscale]({{partner:exoscale.signup_url}}) (Swiss IaaS). Want help choosing? [Contact us](#contact).

## Get a sovereignty assessment for your stack

Running managed services on US hyperscalers and concerned about jurisdictional risk? We assess your sovereignty profile against the EU framework and plan a migration to Swiss-operated infrastructure with the VSHN Application Catalog.