Security

ENTERPRISE-GRADE SECURITY, BUILT IN

Sandbox isolation, scoped credentials, multi-tenant architecture, and a complete audit trail.

Get Started Free Browse Teams
Architecture

Security at Every Layer

Six layers of security that protect your data, your credentials, and your peace of mind.

Sandbox Isolation

Every run executes inside an isolated container that is destroyed after completion. No shared state, no residual data, no cross-contamination between runs.

Credentials Architecture

API keys and secrets never enter the sandbox. The platform makes external calls on behalf of employees, keeping credentials in a secured vault.

Scoped JWTs

Every run receives a unique JWT scoped to the specific tenant and run ID. Tokens expire after 30 minutes with no renewal.

Multi-Tenant Isolation

Every database query is scoped by tenant ID. No cross-tenant access is possible at the data layer, enforced by middleware.

Audit Trail

Every tool call, action, decision, and output is logged with full context. Complete traceability from input to output for every run.

Rate Limiting

Per-tenant rate limits prevent abuse. Idempotent job design ensures safe retries. No runaway processes, no unexpected costs.

Guardrails

Built-In Safety Net

Six non-optional guardrails that protect your business. These cannot be disabled -- they are part of the platform.

💰

Budget Cap

Run terminates automatically when credit limit is reached. No overages, ever.

🛑

Action Limit

Maximum N actions per run. Prevents infinite loops and runaway operations.

⚠️

Kill Switch

PAUSE ALL button instantly stops every running employee across your organisation.

🔍

Anomaly Detection

Auto-pause on unusual patterns -- unexpected volume, new tool usage, or authority escalation.

Undo Window

29-second window for reversible actions. Cancel before changes take effect.

❄️

Cool-Off Period

Daily summary emails for the first 7 days. See exactly what your employees are doing before they go autonomous.

Compliance

Compliance Ready

In Progress

SOC 2 Type II

Security, availability, and confidentiality controls aligned with SOC 2 requirements.

Compliant

GDPR Compliance

Full GDPR compliance with data processing agreements, right to erasure, and data portability.

Available

Data Residency

Choose where your data is stored. EU, US, and APAC regions available for enterprise customers.

Get in touch

Questions About Security?

Our team is happy to walk you through our security architecture, share compliance documentation, and answer any questions.

Get Started Free Contact Security Team

No credit card required.