We sell trust infrastructure. We hold ourselves to the same standard we ask our customers to hold their agents to: claim only what's actually true, and write down everything we're working on.
Last reviewed: May 20, 2026.
Concrete controls running in production right now. If we can't point at the code or the runbook, it's not on this list.
TLS is enforced site-wide on veriswarm.ai and api.veriswarm.ai. HTTP requests are redirected to HTTPS. Modern cipher suites only.
Production data is stored on encrypted disks. Backup volumes are encrypted with separate keys.
Every customer gets their own workspace. Data is partitioned at the database layer by organization and tenant identifiers, and every read and write enforces tenant scope.
Vault writes every customer-facing event to a hash-chained ledger. Any retroactive modification breaks the chain and is detectable with a single API call. The ledger is wired into the production event path — not an after-the-fact log.
Database backups run automatically every day with a 7-day rolling retention. Backups are stored separately from the primary database and tested for restore viability.
Three auth mechanisms: scoped API keys for platform integrations, bearer tokens for admin operations, and session cookies for the web UI. All operations are rate-limited and rate-limit headers are returned on every response.
When customers route LLM traffic through Guard, personally identifiable information is tokenized before it reaches any third-party model. The plaintext stays inside the customer's tenant; the LLM sees opaque references.
Operators can halt all decisions for a tenant or a specific agent from a single endpoint. The kill switch is evaluated before any policy check — it's the last layer of control, not the first.
Things we're working toward but haven't shipped yet. We don't claim them on this page until they're real, and we don't hand-wave timelines we haven't committed to.
No auditor has been engaged yet. We'll update this page when an engagement is signed and a target completion date is set. If you're an enterprise buyer who needs SOC 2 to move forward, tell us; that kind of signal helps us prioritize.
We do internal security review before each major release. A third-party pen test is on the roadmap but not scheduled. Same note: if it's a blocker for you, tell us.
Third-party services that may process customer data. We use as few as we can get away with, and we keep this list current.
| Provider | Purpose | Data |
|---|---|---|
| Cloudflare | CDN, DDoS protection, tunnel | Request metadata |
| Stripe | Billing and payments | Account, payment method |
| Plausible Analytics | Privacy-respecting site analytics | Aggregated page views (no cookies, no PII) |
| LLM providers (Anthropic, OpenAI, Google, Mistral) | Routed model inference (customer-configurable) | Prompts and responses (PII tokenized when Guard is enabled) |
A signed DPA is available on request. See also our Data Processing Agreement and Privacy Policy.
If you've found a security issue in VeriSwarm, please let us know. We work with researchers in good faith.
Email security@veriswarm.ai with a clear description, reproduction steps, and your assessment of impact. We prefer encrypted email when the report contains sensitive details; request our PGP key and we'll send it back.
We will not pursue legal action against researchers who act in good faith, follow this policy, and avoid privacy violations, destruction of data, or interruption or degradation of our service. Stay within the scope below.
veriswarm.ai (marketing site, account UI)
api.veriswarm.ai (REST API, MCP server)
For vulnerability reports, security questionnaires, or anything else, we'll get back to you.
security@veriswarm.ai
Machine-readable contact information is published at /.well-known/security.txt per RFC 9116.