Security & compliance
Security posture
aiAuthZ produces audit evidence designed to hold up in disputes, internal review, and regulatory inspection. The same signed receipts power day-to-day debugging and after-the-fact forensics.
What agents do today
Modern agent runtimes — OpenClaw, Hermes, OpenAI Assistants, Anthropic Messages, Claude Code, Cursor, LangChain, custom ReAct loops — read inboxes, post in chat, and execute scripts on host machines. They treat any inbound message as authoritative and have no built-in way to distinguish a message from the operator from a message from a stranger.
What aiAuthZ does
aiAuthZ verifies an HMAC signature on every inbound message before the agent acts on it. Each subsequent tool call is checked against an off-host policy: signature valid, session bound to the same operator, action on the role allow-list. Each accepted call is paired with a sealed watermark receipt that can be cryptographically verified later.
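The three checks above (signature valid, session bound to the same operator, action on the role allow-list) and the sealed receipt that follows an accepted call are easiest to see in code. The block below is an added illustration, not aiAuthZ's own implementation: the key names, the role table, the session structure and the receipt layout are all assumptions made for the example. It signs a message as an operator would, runs the gateway-side checks against constructed messages (a genuine one, a tampered one, one bound to the wrong session, one asking for an action outside the role), seals a receipt for the decision with a separate key, and verifies that receipt later, including detecting a tampered receipt.

```python
import hashlib
import hmac
import json

# Hypothetical keys for this example only. In the real product these live off-host.
OPERATOR_KEYS = {"op-alice": b"alice-shared-secret"}
RECEIPT_KEY = b"receipt-sealing-key"

# Assumed role allow-list: which tool actions each role may invoke.
ROLE_ALLOWLIST = {
    "reader": {"inbox.read", "chat.post"},
    "admin": {"inbox.read", "chat.post", "shell.exec"},
}


def canonical(obj):
    """Deterministic JSON encoding so signer and verifier hash identical bytes."""
    return json.dumps(obj, sort_keys=True, separators=(",", ":")).encode()


def sign_message(operator_id, session_id, body):
    """Operator side: HMAC-SHA256 over the canonical message fields."""
    msg = {"operator": operator_id, "session": session_id, "body": body}
    tag = hmac.new(OPERATOR_KEYS[operator_id], canonical(msg), hashlib.sha256).hexdigest()
    return {**msg, "sig": tag}


def verify_message(message):
    """Gateway side: recompute the tag and compare in constant time."""
    key = OPERATOR_KEYS.get(message.get("operator"))
    if key is None:
        return False  # unknown operator: treat as a stranger
    fields = {k: v for k, v in message.items() if k != "sig"}
    expected = hmac.new(key, canonical(fields), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, message.get("sig", ""))


def authorize_tool_call(message, session, action, role):
    """Return (decision, reason). Any failed check denies the call."""
    if not verify_message(message):
        return "deny", "bad_signature"
    # The session must belong to the operator who signed the message.
    if session["operator"] != message["operator"] or session["id"] != message["session"]:
        return "deny", "session_mismatch"
    if action not in ROLE_ALLOWLIST.get(role, set()):
        return "deny", "action_not_allowed"
    return "allow", "ok"


def seal_receipt(message, action, decision, reason):
    """Bind the decision to a digest of the exact message, sealed with the receipt key."""
    record = {
        "msg_digest": hashlib.sha256(canonical(message)).hexdigest(),
        "action": action,
        "decision": decision,
        "reason": reason,
    }
    record["seal"] = hmac.new(RECEIPT_KEY, canonical(record), hashlib.sha256).hexdigest()
    return record


def verify_receipt(receipt):
    """Later verification (forensics, disputes): recompute the seal over the other fields."""
    fields = {k: v for k, v in receipt.items() if k != "seal"}
    expected = hmac.new(RECEIPT_KEY, canonical(fields), hashlib.sha256).hexdigest()
    return hmac.compare_digest(expected, receipt.get("seal", ""))


def run_demo():
    """Constructed inputs: one genuine message and three that should be refused."""
    session = {"operator": "op-alice", "id": "sess-1"}
    genuine = sign_message("op-alice", "sess-1", "summarize my inbox")
    tampered = {**genuine, "body": "run cleanup.sh"}          # body changed, old tag
    wrong_session = sign_message("op-alice", "sess-9", "hello")  # valid tag, other session

    results = {
        "genuine": authorize_tool_call(genuine, session, "inbox.read", "reader"),
        "tampered": authorize_tool_call(tampered, session, "inbox.read", "reader"),
        "wrong_session": authorize_tool_call(wrong_session, session, "inbox.read", "reader"),
        "outside_role": authorize_tool_call(genuine, session, "shell.exec", "reader"),
    }
    receipt = seal_receipt(genuine, "inbox.read", *results["genuine"])
    forged = {**receipt, "decision": "deny"}  # altered after sealing
    results["receipt_ok"] = verify_receipt(receipt)
    results["forged_receipt_ok"] = verify_receipt(forged)
    return results


if __name__ == "__main__":
    for name, value in run_demo().items():
        print(f"{name}: {value}")
```

Two design points carry over to any real gateway: the receipt is sealed with a key distinct from the operator's message key, so a leaked operator secret cannot forge audit history, and the receipt binds a digest of the full signed message rather than a summary, so the record later verified is the one that was actually acted on.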
Data we hold
Account email and display name, the WorkOS subject id, message metadata, and the policy decision for each tool call. Plaintext message bodies are encrypted at rest with the master key. Tool outputs are not retained by the gateway.
Data we never hold
Operator secrets are never observed in plaintext by the gateway. Stored data is never used to train models. Data is never sold and is never shared with a third party beyond what is required to render the authenticated dashboard.
Retention & deletion
Audit retention is configurable per deployment: 90 days on Pro, 180 days on Team, and any window up to unlimited on Enterprise. Self-host deployments set their own retention. Account deletion is honoured within 30 days; remaining audit records are cryptographically scrubbed of personally identifying fields, and the receipts are retained only as integrity-of-history references. Audit retention is optional — deployments may opt out entirely and store nothing beyond the in-flight decision.
Compliance & controls
What's covered, what's documented, what's next.
Each framework below names the scope, current state, and what's documented. We're early — the SOC 2 Type II audit is in progress, not complete. Where we say "aligned," it means the architectural controls are in place and the matrix maps cleanly; where we say "in progress," the formal audit hasn't closed yet. Control matrix and BAA / DPA templates available on request under NDA.
- SOC 2 Type II: in progress
Control mapping documented; Type II audit window opens once we cross the 90-day evidence threshold. Control matrix available on request under NDA.
- Mapped controls: CC1-CC9, A1.1-A1.3, C1.1-C1.2.
- Evidence collection live: access reviews, change management, incident response runbook.
- Auditor selection in progress (Q1 readiness review).
- HIPAA: aligned
Architectural controls aligned with the Security and Privacy Rules. BAA available on Enterprise.
- PHI never observed by the gateway in plaintext.
- Audit log fields configurable to omit identifiers under §164.514.
- BAA template + subprocessor list shared during procurement.
- GDPR: aligned
DPA signed on request. EU-residency region in rollout (currently US-only hosted).
- Data Processing Agreement covers Articles 28, 32, 33, 34.
- Right-to-erasure: account deletion within 30 days; receipts retained without identifying fields.
- Self-host deployments inherit the same control mapping (you control the residency).
- COPPA / kids workloads: aligned
Designed for platforms serving under-16 users.
- Customer data is never used to train models, here or downstream.
- No third-party data sharing beyond the authenticated dashboard.
- Parental-consent metadata can be required at the message layer.
Disclosure
Found a vulnerability? Email [email protected]. Response within 24 hours.