Multi-Layer Security Architecture

Security is provided through multiple layers:

1. LLM Layer (Core): Models like Claude from Anthropic go through rigorous training to minimize risk.
2. Platform Layer: Technical security measures including the security agent, guardrails, and access controls.
3. Agent Layer: Agent behavior is driven by instructions and limited to enabled capabilities.
4. User Layer (Outer): Users decide capabilities, configure guardrails, and provide oversight.

Key Security Features

- Security Agent: Background agent that reviews plans and can veto unsafe actions.
- Access Controls: Role-based permissions for users and agents.
- Guardrails: Technical constraints enforced by the platform.
- Audit Trails: Complete logging of all agent activities.
- Credential Security: Encrypted storage of secrets and API keys.
- Data Encryption: AES-256 at rest, TLS 1.2+ in transit.

The Security Agent

The platform includes a security agent that works in the background:

- Oversees incoming events and plans
- Can veto unsafe actions
- Operates independently of the agent’s context
- Prevents prompt injection attacks

Compliance Summary
| Standard | Status |
|---|---|
| GDPR | ✅ Compliant (EU data residency) |
| Data Encryption | ✅ AES-256 at rest, TLS 1.2+ in transit |
| Access Controls | ✅ Comprehensive RBAC |
| SOC 2 Type II | 📅 Planned |
| ISO 27001 | 📅 Under evaluation |

