Tesserra
Unified cloud infrastructure

Professional infrastructure from your first domain to global scale.

Domains, DNS, business email, hosting, storage, and applied AI in one console — simple enough for a small team to start today, robust enough for enterprises that require logical per-organization isolation and multi-region operations.

Get started Talk to sales
Corporate email and DNS in one placeSelf-service — no tickets for the basicsLogical per-organization isolationPlans that grow with your organization
console.tesserra.io / workspace / productionJSWorkspaceProjectsDomainsEmailFilesAIHealthSettingsProduction overviewAll systems operational · last updated 2m agoLast 7 daysUPTIME · 30D99.99%▲ 0.02%REQUESTS · 24H1.24M▲ 12%ACTIVE REGIONS5/8EU + US + BRAI TOKENS4.7M62% of quotaTrafficRequests across all regions · 7 daysEU + USAPAC + BR1.5M1.0M500k01.42M reqMonTueWedThuFriSatSunLive regions5 active · 3 plannedus-east-1Virginiaeu-west-1Dublinbr-south-1São Pauloap-east-1Tokyo
Product

One control plane — not a patchwork of integrations.

Infrastructure, platform, and product teams manage domains, DNS zones, corporate mailboxes, deployments, files, and AI quotas in one corporate environment — centralized identity, policy, and billing.

Enterprise platform, delegated operations

Each organization has its own tenant, quotas, and billing, with data segregated in the API. Admins and engineers provision resources in the console — without tickets for routine operational tasks.

Layered technical security

TLS via Let's Encrypt on managed domains, logical per-organization isolation, bcrypt (cost 12) password hashing, rotated refresh tokens, lockout after failed attempts, and server-side logging of authentication and selected sensitive actions.

End-to-end self-management

Domains, DNS, email, projects, hosting, AI consumption, and billing are administered in the console. Plan changes, limits, and cancellation follow the same flow — operational autonomy, not dependency on a sales queue.

PLATFORM

Infrastructure primitives for production organizations.

From DNS zones to AI models in production: a coherent stack with governance where scale demands it and flexibility where engineering needs it — built for corporate environments and critical workloads.

Managed domains & DNS

Bring any domain, manage A, AAAA, CNAME, MX, TXT, SRV, and CAA records through a visual zone editor or our API. Automatic ownership verification, BIND zonefile export, no provider lock-in.

  • Visual zone editor + API
  • Export to BIND zonefile
  • TXT-based ownership verification
  • Editable TTLs and SRV priorities

Business email

Mailboxes and aliases on your own domain with strong password hashing, configurable forwarding, multi-destination aliases, and per-mailbox quotas. A real email server — not a forwarding hack.

  • bcrypt password hashing
  • Programmable forwarding rules
  • Multi-destination aliases
  • Per-mailbox quota and limits

File manager

Upload your application, edit files inline, version your work, and keep everything sandboxed per project. Drag-and-drop UI, live quota usage, and S3-compatible API for programmatic access.

  • Drag-and-drop upload
  • Inline text editor
  • Live quota visibility
  • Sandboxed per project

High availability

Configurable replicas per resource, load balancing across replicas, and periodic health checks. Multi-zone and multi-region available on paid plans depending on the resilience tier you choose.

  • Configurable replicas
  • Multi-zone and multi-region
  • Periodic health checks
  • Auto-restart on failure

Applied AI

Domain-tuned assistants integrated into the workspace. Predictable monthly token quota, transparent overage at the line-item level, and usage tracked per organization. Dedicated model deployments available on Enterprise.

  • Vertical-tuned models
  • Monthly quota included
  • Pay-as-you-go overage
  • Dedicated deployments

Technical security

Logical per-organization isolation, TLS via Let's Encrypt, rate limiting per API key and per origin, configured CSP and HSTS headers, and server-side logging of selected sensitive events.

  • Logical per-organization isolation
  • TLS with automatic renewal (LE)
  • CSP and HSTS configured
  • Sensitive-event logging

Technical foundations of the platform.

99.9%
Monthly availability target
TLS 1.2+
In-transit encryption (HTTPS)
Fernet
Operational secrets encrypted
24/7
Platform monitoring
Regional data center facility where Tesserra runs customer workloads.
INFRASTRUCTURE

Multi-region platform with per-tenant isolation.

Tesserra is the orchestration, automation, and isolation layer that runs workloads on Tier III data centers. Each customer organization has its own tenant, billing, and logically segregated data on the platform.

01

Five active regions across three continents

Wolverhampton (UK), Hamburg (DE), New York and Dallas (US), and Mumbai (IN) — clusters with NVMe storage and 10 Gbps networking.

02

Multi-region workloads

Workloads can be pinned to a single region or distributed across several for low-latency access and higher availability.

03

Sensitive-event logging

Login, authentication failures, and selected sensitive actions are recorded with timestamp, user, IP, and detail on the server (auth_eventos table).

REGIONS

Five active regions across three continents.

Production traffic runs out of the United Kingdom, Germany, the United States, and India. Workloads can be pinned to a single region or distributed across them for low-latency access and higher availability.

Active (5)
On request (0)
  • uk-west-1· WolverhamptonActive
  • eu-north-1· HamburgActive
  • us-east-1· New YorkActive
  • us-central-1· DallasActive
  • ap-south-1· MumbaiActive
PRICING

Transparent pricing. No surprise bills.

Start with what you need today, scale to your largest deployment tomorrow. Volume discounts and committed-use contracts available for Enterprise.

BILLED IN
Evaluate the platform — no card required to start
Provision 1 project on a Tesserra subdomain, with the AI assistant on a reduced quota.
Create account

Starter

Para validar a ideia e colocar o site no ar.

$9.00/month
Start with Starter
Includes
  • 500k AI tokens / month
  • 2 projects · 2 domains
  • 10 email mailboxes
  • 5 GB of files · 2 team members
  • up to 1 replicas / resource
Features
  • 1 domínio
  • DNS gerenciado
  • TLS automático
  • Hospedagem de site estático
  • Caixa de e-mail @seudominio
  • Suporte por e-mail
Overage: $0.01 per 1k tokens

Pro

Most popular

Para times que precisam crescer com qualidade.

$29.00/month
Start with Pro
Includes
  • 3M AI tokens / month
  • 10 projects · 10 domains
  • 50 email mailboxes
  • 50 GB of files · 10 team members
  • up to 3 replicas / resource
Features
  • Tudo do Starter
  • Multi-zona (HA)
  • Auto-scaling
  • Métricas e alertas
  • Backups diários
  • Suporte por chat
Overage: $0.01 per 1k tokens

Business

Para operações sérias com SLA dedicado.

$99.00/month
Start with Business
Includes
  • 15M AI tokens / month
  • 50 projects · 50 domains
  • 500 email mailboxes
  • 1000 GB of files · 50 team members
  • up to 10 replicas / resource
Features
  • Tudo do Pro
  • SLA 99.9% contratual
  • Suporte prioritário 24/7
  • Onboarding dedicado
  • Auditoria detalhada
  • SSO/SAML
Overage: $0.01 per 1k tokens
ENTERPRISE

Enterprise contracts. Dedicated regions. Custom SLAs.

We work with regulated industries, multinationals, and high-throughput AI products. Talk to our team about dedicated capacity, on-prem connectivity, bespoke compliance reviews, and committed-use pricing.

Contact sales
Tesserra team in an office meeting room — informal conversation, no screens.
São Paulo · Brazil
ABOUT TESSERRA

Built by a distributed team.

Tesserra is operated by a remote-first team headquartered in São Paulo, Brazil. Founded in 2022 to deliver an enterprise infrastructure layer — domains, DNS, business email, hosting, storage, and applied AI — in a fully self-managed console with unified identity and billing per organization.

Customer support is delivered directly by the engineering team. When you escalate a ticket, you reach the people who built the system — not a script or an outsourced queue.

2022
Founded
BR
Based in São Paulo
Remote-first
distributed team
Direct
engineer-led support
HOW WE OPERATE

A lean team on the control plane.

Engineering, infrastructure, and product in one loop — the same people who design also operate and support what customers run in production.

Platform engineers reviewing multi-tenant service architecture and APIs.
Platform

Core services, multi-tenant isolation, and APIs for domains, DNS, provisioning, and per-organization billing.

Datacenter infrastructure — racks and networking.
Infrastructure

Multi-region nuclei, capacity planning, observability, and the operational posture of production workloads.

Engineer providing direct customer support — builders who ship also answer tickets.
Product & support

Console, onboarding for new organizations, and direct support from the people who built the system — no outsourced queue.

HEADQUARTERS

Based on Avenida Paulista, São Paulo.

Our office sits in the corporate corridor of Avenida Paulista, in the Bela Vista district. The avenue concentrates a large share of the country's financial, technology, and consulting headquarters, and is well served by metro and major bus lines.

Visits are by appointment only. The engineering team operates remote-first, but the address is open for customer meetings, vendor reviews, and on-site contract signing.

Office
Avenida Paulista, 1765 — 7º andar, Conj. 72
Bela Vista, São Paulo — SP
Brazil
Get directionsSchedule a visit
Edifício Scala — Avenida Paulista, Bela Vista, São Paulo.
Avenida Paulista · Bela Vista · São Paulo
Tesserra engineering team in a cloud infrastructure architecture session.

Why work at Tesserra

We are a self-managed cloud platform built by people who run real production. You ship features enterprise customers use the same day — DNS, provisioning, billing, webmail — with technical autonomy and world-class documentation.

Remote-first

Work from where you perform best, with Paulista hub meetups when it matters.

Real ownership

Small teams, fast decisions, and direct contact with people using the product.

Modern stack

FastAPI, Next.js, Docker, Ollama, Stripe — all in production, not on slides.

Technical growth

Budget for certifications, conferences, and protected learning time.

CAREERS

Build enterprise infrastructure with us.

We hire engineers and operators who want depth — production systems, clear ownership, and direct contact with customers. Remote-first, with a corporate hub in São Paulo for in-person collaboration when it matters.

View open roles

Open roles

Engenheiro(a) de Plataforma Sênior

Engenharia de Plataforma · Remote-first · Brasil

Remote

Evolua o console multi-tenant, APIs de domínios, DNS e provisionamento com foco em confiabilidade e auditoria.

Engenheiro(a) de Infraestrutura

Infraestrutura · Remote-first · Américas/Europa

Remote

Operação de núcleos multi-região, automação de deploy e métricas de hardware em escala.

ABOUT

Enterprise infrastructure on a single control plane.

Tesserra was founded in 2022 so mid-size and large organizations can run domains, DNS, business email, hosting, storage, and AI workloads in a fully self-managed environment — without a fragmented vendor catalog or ad hoc integrations.

Each customer organization has its own tenant and invoice, with logically segregated data in the API. Payment via Stripe in BRL, USD, or EUR, with PDF invoice export.

Per-organization isolation
Each customer has its own tenant, quotas, and billing; data filtered by organization in the API and files in a separate directory.
Technical practices
TLS via Let's Encrypt, bcrypt (cost 12) password hashing, rotated refresh tokens, lockout, CSP/HSTS headers, and server-side sensitive-event logging. Payments processed by Stripe (PCI DSS Level 1, SAQ A scope).
No lock-in
Export your files, BIND zonefiles, and database backups at any time. Standard formats, no exfiltration fees.
Multi-currency
Billing in BRL, USD, and EUR via Stripe, with PDF invoice export.
FREQUENTLY ASKED QUESTIONS

Almost everything you'll want to know.

How does AI token billing work?

Every plan includes a monthly token quota. Overage tokens are billed at a small per-thousand rate on the next invoice, with a per-line-item breakdown. Real-time usage is visible in the dashboard at all times, and you can set hard caps to prevent overage entirely.

Do I need a domain to subscribe?

No. You can sign up first, explore the platform, and add one or more domains whenever you want — within your plan limits, at no extra cost. Bring an existing domain or transfer one to us; we handle DNS, TLS, and email setup automatically.

Do you operate your own email servers?

Yes. You create mailboxes on @yourdomain directly from the dashboard, set quotas, configure forwarding, and manage aliases. Email is included in plan limits — no separate invoice from a third-party email vendor.

How do you address availability?

Each resource can be configured with replicas and a resilience tier (single-zone, multi-zone, or multi-region depending on the plan). Periodic health checks and auto-restart on failure are included. Contractual SLAs are negotiated on Enterprise plans.

Do you offer dedicated regions or on-prem connectivity?

On request, on Enterprise plans. Talk to our team — we don't publish standard SLAs or pricing for these scenarios.

What does your security review process look like?

For security review and DPA, contact our team. Documentable technical controls today: TLS (Let's Encrypt) on managed domains, logical per-organization isolation, bcrypt (cost 12) password hashing, rotated refresh tokens, lockout after failures, CSP/HSTS headers, and server-side logging of authentication and selected sensitive actions. Formal audits (SOC 2, ISO 27001) have not yet been completed.

Can we run dedicated AI model instances?

On Enterprise plans, dedicated GPU capacity can be negotiated. Self-serve plans use a shared pool with a monthly token quota.

Can I cancel any time?

Yes. There's no long-term commitment on self-serve plans. Cancel from the customer portal — your access continues through the end of the paid cycle. Enterprise contracts have committed terms negotiated upfront.

How is my workspace isolated?

Each organization has data segregated by tenant_id in the API, files in a per-project directory, short-lived access tokens with rotated refresh and lockout, and strict security headers in the console. Login and selected sensitive actions are logged on the server.

Where is my data stored?

In regional clusters in the United Kingdom (Wolverhampton), Germany (Hamburg), the United States (New York and Dallas), and India (Mumbai). You choose the region for each project. For specific residency requirements, contact our team. You are the data controller; Tesserra acts as the processor and is aligned with LGPD and GDPR.

How does payment work?

Via Stripe in BRL, USD, or EUR (credit card or ACH/SEPA). We issue an invoice and PDF every cycle. Payment methods, plan changes, and cancellation are self-service in the dashboard. Enterprise customers can pay via PO and bank transfer.

Production infrastructure under your organization's control.

Access the console, evaluate the platform at your pace, and scale to enterprise contracts with dedicated regions, custom SLAs, and compliance reviews when operations require it.

Access console Talk to sales