Security & Compliance

The architecture that makes a single breach impossible to cascade.

Every security control at Provenance AI was designed in response to a documented failure in the current vendor market. This page documents what we built, why we built it, and how you can verify it.

Certifications & Compliance Status

What we hold, and what is coming.

Certifications are not promised post-contract at Provenance AI. SOC 2 Type II certification is a pre-contract requirement: no lab signs a primary agreement until the certification is in hand and the audit report is on file.

SOC 2 Type II: Pre-Contract Requirement
Zero-Trust Architecture: Live from Day 1
HSM Key Management: HashiCorp Vault
SBOM Enforcement: All Dependencies
GDPR Data Residency: EU Deployment, Q3 2026
FedRAMP Readiness: Year 2 Roadmap

Isolation Architecture

Why shared infrastructure is a structural failure, not a risk.

The Mercor breach did not happen because of a sophisticated attack. It happened because all clients shared the same infrastructure. A compromised dependency in one environment had direct access to every client's data simultaneously. This is not a security failure that better monitoring prevents; it is an architectural choice that makes cascade failure inevitable.

At Provenance AI, every client lab operates in a completely separate cloud environment. Not a separate VPC. Not a separate subnet. A separate cloud account with separate billing, separate access controls, separate encryption keys, and separate audit logs. The isolation is enforced at the infrastructure provider level, not at the application level where it can be bypassed.

Client Isolation Architecture (diagram, rendered as text)

Anthropic Tenant: Dedicated AWS Account, Isolated Vault Instance, Separate Encryption Keys
DeepMind Tenant: Dedicated GCP Account, Isolated Vault Instance, Separate Encryption Keys
Microsoft Tenant: Dedicated Azure Account, Isolated Vault Instance, Separate Encryption Keys

Zero Cross-Tenant Routing: Enforced at Infrastructure Level

Provenance AI Core Platform: Task routing only, no data access to client tenants. All inter-tenant communication: physically disabled.

Security Controls

Every control. Every status. No omissions.

The following table documents every primary security control in the Provenance AI architecture. Labs receive this document before any contract is signed, not after.

| Control Category | Specific Control | Implementation | Status |
| --- | --- | --- | --- |
| Supply Chain | Software Bill of Materials (SBOM) | Every production dependency documented and approved before use. Snyk automated scanning on every pull request. Daily CVE database checks against all running packages. | Live |
| Supply Chain | Dependency lockfiles enforced | No ad-hoc package installation in any environment. All dependency changes require a security review gate before merge. Direct response to LiteLLM-style supply chain attacks. | Live |
| Identity & Access | Zero-trust network architecture | Every internal service requires explicit authentication. No implicit trust based on network location. MFA required for all internal systems. | Live |
| Identity & Access | Least-privilege access control | Role-based access with zero standing access to client data. Access is time-limited and requires explicit justification for each session. | Live |
| Encryption | Data at rest (AES-256) | All client training data encrypted at rest. Keys managed in client-isolated HashiCorp Vault instances. Keys never touch application code. | Live |
| Encryption | Data in transit (TLS 1.3) | TLS 1.3 minimum on all data transmission. TLS 1.2 and below explicitly disabled. Certificate pinning on all client-facing endpoints. | Live |
| Client Isolation | Separate cloud accounts per client | Each lab runs in a dedicated AWS, GCP, or Azure account. Separate billing, separate IAM, separate VPCs. Cross-account network routing disabled at provider level. | Live |
| Audit & Logging | Immutable audit logs | All data access, annotation, and modification events logged to immutable S3 + CloudTrail. Logs cannot be altered or deleted by any internal actor. | Live |
| Vulnerability Management | Penetration testing | Annual third-party penetration test by an independent firm. Results shared with co-pilot labs' security teams. Critical findings trigger a 48-hour remediation SLA. | Annual |
| Compliance | GDPR data residency | EU data residency options for labs with European regulatory obligations. No EU personal data leaves EU AWS/Azure regions without explicit written authorization. | Q3 2026 |
| Compliance | FedRAMP readiness | Formal FedRAMP authorization process initiated in Year 2. Required for labs pursuing US government AI contracts through Microsoft and Amazon channels. | Year 2 |
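The two Supply Chain rows describe a merge gate: every dependency pinned, approved onto the SBOM, and checked against the CVE feed. This is an added example of such a gate, not Provenance AI's tooling; the lockfile, SBOM allowlist and advisory feed are constructed sample data, and the advisory id is a placeholder.

```python
"""Dependency merge gate: pinned lockfile vs. approved SBOM vs. advisory feed.
Added example, not Provenance AI's tooling; all data below is constructed."""
import re
from dataclasses import dataclass

# Constructed lockfile (requirements.txt style); the comments describe each case.
LOCKFILE = """\
requests>=2.0          # version range, not a pin: rejected
urllib3==2.2.1         # pinned and approved: passes
demo-tokenizer==0.9.1  # pinned and approved, but listed in the advisory feed
leftpad-clone==0.1.0   # pinned, but never approved onto the SBOM
"""
# Constructed approved SBOM (package -> the one approved version) and a
# constructed advisory feed of (package, affected version, placeholder id).
APPROVED_SBOM = {"requests": "2.32.3", "urllib3": "2.2.1", "demo-tokenizer": "0.9.1"}
ADVISORIES = [("demo-tokenizer", "0.9.1", "ADVISORY-PLACEHOLDER-001")]

PIN_RE = re.compile(r"^([A-Za-z0-9_.-]+)==([0-9][A-Za-z0-9.]*)$")

@dataclass(frozen=True)
class Finding:
    package: str
    reason: str

def gate(lockfile_text, sbom, advisories):
    """Return the findings that would block a merge; an empty list means it passes."""
    findings = []
    by_pin = {(pkg, ver): aid for pkg, ver, aid in advisories}
    for raw in lockfile_text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop trailing comments
        if not line:
            continue
        pinned = PIN_RE.match(line)
        if not pinned:  # ranges, URLs and editable installs all fail the gate
            name = re.split(r"[<>=!~\[ @]", line, maxsplit=1)[0].lower()
            findings.append(Finding(name, "not pinned with =="))
            continue
        pkg, ver = pinned.group(1).lower(), pinned.group(2)
        if pkg not in sbom:
            findings.append(Finding(pkg, "not on approved SBOM"))
        elif sbom[pkg] != ver:
            findings.append(Finding(pkg, f"pinned {ver}, approved version is {sbom[pkg]}"))
        if (pkg, ver) in by_pin:  # the daily CVE check, run against the exact pin
            findings.append(Finding(pkg, f"matches advisory {by_pin[(pkg, ver)]}"))
    return findings

def gate_passes(lockfile_text, sbom, advisories):
    return not gate(lockfile_text, sbom, advisories)
```

Run against the constructed lockfile, the gate blocks three of the four entries and lets only the pinned, approved, advisory-free package through.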

Incident Response SLAs

Every promise is a contract term.

Security SLAs at Provenance AI are written into every primary contract with financial penalties for breach. These are not vendor commitments that evaporate when something goes wrong; they are enforceable obligations.

4hr
Breach Notification
All co-pilot labs notified within 4 hours of any security event detection, regardless of whether their environment was affected. Full incident report included.
48hr
Critical Vulnerability Remediation
Any critical CVE identified in production dependencies triggers a 48-hour remediation SLA with mandatory all-hands response.
90d
Breach Penalty Credit
Any confirmed breach from vendor negligence triggers a 90-day invoice credit plus an independent security audit at Provenance AI's cost.

Download the Security Overview PDF

A one-page summary of our security architecture, certifications, and SLAs, formatted for distribution to your security and legal teams.
