Security Architecture

A deep dive into how we protect your AI agent. For a quick overview, see our Security page.

7 layers of protection

Outbound-Only Encrypted Tunnels

Every agent connects to the outside world exclusively through outbound-only encrypted tunnels with TLS 1.3. Zero listening ports on your server. Invisible to port scanners — no one on the internet can initiate a connection to your agent.

Docker Sandbox Isolation

All tool executions run inside Docker containers with strict resource limits, read-only filesystem mounts, and no network access unless explicitly allowed. Containers are destroyed after each execution.

DM Pairing (Contact Verification)

Before your agent responds to a new contact on any messaging platform, it requires your explicit approval. This blocks social engineering attacks and unauthorized access.

Tool Allowlist

Only pre-approved tools can execute. No access to arbitrary shell commands, unapproved filesystem operations, or unauthorized network connections. Every invocation is logged.

LUKS2 Encrypted Storage

Storage volumes are encrypted at rest using LUKS2 with AES-256-XTS. Encryption keys are managed separately from the storage volumes. Physical access to hardware cannot expose your data.

No Incoming Traffic

The agent gateway binds to localhost only. All inbound connections from the public internet are blocked. Your agent can make outbound requests, but nothing external can reach it.

Isolated Virtual Private Server

Every agent runs on its own dedicated VPS. No multi-tenancy at the infrastructure level. CPU, memory, storage, and network are completely isolated from every other customer.

Network isolation model

Your agent's network architecture eliminates entire classes of attacks.

Public Internet: Blocked
Edge Network: TLS termination
Encrypted Tunnel: Outbound-only
Agent VPS: Localhost-only

Zero listening ports — invisible to Shodan, Censys, and all port scanners
All connections initiated outbound by the agent, never inbound
Defeats port scanning, brute force, and direct exploitation attacks

Encryption

Three layers of encryption protect your data at every stage.

At rest

AES-256-XTS encrypted storage volumes (LUKS2)

In transit

TLS 1.3 encrypted tunnels for all communication

Field-level

AES-256-GCM for sensitive database fields (tokens, secrets)

Token security

Credentials are handled with defense-in-depth at every step.

Timing-safe comparisons prevent attackers from guessing tokens through response timing differences
Credentials stored in an encrypted vault on the control plane — never written to disk on the agent VPS
Credential rotation API allows rotating all tenant secrets without downtime
All webhook payloads verified with HMAC signatures using fail-closed validation
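
One way to combine the timing-safe comparison and fail-closed HMAC webhook validation listed above. This is an added example, not this product's code; the `sha256=<hex>` header format, the function names and the sample secret and payload are assumptions.

```python
import hashlib
import hmac

# Assumed signature format: "sha256=<hex digest>" (hypothetical, not from the page).
PREFIX = "sha256="


def sign(secret: bytes, body: bytes) -> str:
    """Sender side: HMAC-SHA256 over the raw request body."""
    return PREFIX + hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_webhook(secret, body, signature_header) -> bool:
    """Return True only when every check passes; every other path rejects."""
    try:
        # Fail closed: an unset or empty secret must never mean "skip verification".
        if not secret or not isinstance(body, bytes):
            return False
        if not isinstance(signature_header, str):
            return False  # header missing entirely
        if not signature_header.startswith(PREFIX):
            return False  # unknown or absent algorithm tag
        # bytes.fromhex raises ValueError on malformed hex; handled below.
        received = bytes.fromhex(signature_header[len(PREFIX):])
        # Always verify over the raw bytes received, not a re-serialized body.
        expected = hmac.new(secret, body, hashlib.sha256).digest()
        # Constant-time comparison: run time does not depend on the position
        # of the first differing byte, unlike `received == expected`.
        return hmac.compare_digest(received, expected)
    except Exception:
        # Fail closed: a parsing or type error is a rejection, not a bypass.
        return False


# Constructed sample data for demonstration only.
SECRET = b"constructed-demo-secret"
BODY = b'{"event":"tool.invoked","id":"demo-1"}'
GOOD = sign(SECRET, BODY)

if __name__ == "__main__":
    print("valid signature:   ", verify_webhook(SECRET, BODY, GOOD))
    print("tampered body:     ", verify_webhook(SECRET, BODY + b" ", GOOD))
    print("missing header:    ", verify_webhook(SECRET, BODY, None))
    print("malformed hex:     ", verify_webhook(SECRET, BODY, "sha256=zz"))
    print("empty secret:      ", verify_webhook(b"", BODY, GOOD))
```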

Audit logging

Every action is recorded with full context for traceability.

Every tool invocation logged with timestamp, input, and output
Authentication events tracked (login, token refresh, session expiry)
Configuration changes recorded with before/after values
Tamper-evident log storage — modifications are detectable
Configurable retention policies per compliance requirements
