Security Posture — Last reviewed March 2026

WE TAKE SECURITY AS SERIOUSLY AS YOU DO.

This page is a single, auditable view of Ruachiel's security program, compliance posture, and engineering practices — designed for CISOs, enterprise architects, and security reviewers conducting due diligence.

SDLC Security Gates
8
All mandatory before merge
Test Coverage
>90%
Enforced in CI — PR blocked below threshold
Open Critical CVEs
0
As of last Trivy scan · March 19, 2026
Secrets Exposed in Repo
0
Gitleaks pre-commit + CI enforced
CERTIFICATIONS & AUDITS
SOC 2 Type II
Security, Availability, Confidentiality
Trust service criteria covering access control, encryption, incident response, and change management.
In Progress
Target Q3 2026 · Audit initiated
GDPR
EU General Data Protection Regulation
Data processing agreements, right-to-erasure flows, DPA available on request, EU data residency options.
Compliant
Reviewed Jan 2026 · DPA available
ISO 27001
Information Security Management
Formal ISMS covering risk management, asset classification, access control, and physical security.
Planned
Target Q1 2027 · Gap analysis underway
CCPA
California Consumer Privacy Act
Consumer rights honored, data inventory maintained, opt-out mechanisms implemented.
Compliant
Reviewed Jan 2026 · Privacy policy live
HIPAA Ready
Healthcare data handling readiness
BAA available, encryption at rest and in transit, audit logging satisfies HIPAA audit controls.
BAA Available
On request · Contact sales
Pen Testing
Third-party penetration testing
Annual external penetration test by independent firm. Results and remediation timeline available under NDA.
Annual
Last: Dec 2025 · Report on request
EVERY GATE IS MANDATORY
01 Static Analysis & Type Safety
Semgrep · Mypy · Custom AST
Semgrep SAST — community + custom ruleset
Scans for injection patterns, insecure APIs, hardcoded secrets, and OWASP Top 10 categories. Custom rules enforce internal security policy.
Mypy strict mode — full type coverage enforced
--strict flag required. No implicit Any, no untyped defs. Type errors are CI failures, not warnings.
Custom AST — agentic policy-as-code validation
Proprietary AST analysis validates that agent tool calls comply with defined security policies at the code level, before runtime.
02 Dependency & Container Scanning
Trivy
Trivy — SCA, container image, IaC scanning
Scans all dependencies for known CVEs, misconfigurations in container images, and IaC security issues. CRITICAL and HIGH severity findings block CI.
Dependency lock files committed and verified
All transitive dependencies pinned. Supply chain integrity verified on every build.
03 Secrets Detection
Gitleaks
Gitleaks pre-commit hook — blocks commit if secret detected
Runs locally before any commit reaches the remote. Catches API keys, tokens, connection strings, and high-entropy strings.
Gitleaks CI scan — scans full git history on every PR
Catches anything that slipped through the pre-commit hook. PRs blocked until clean.
04 Threat Modeling
Threagile
Threagile — architecture-as-code threat modeling
System architecture defined in code. Threagile generates threat model, identifies attack paths, and produces risk reports automatically on change.
Threat model reviewed on every significant architectural change
Model-as-code means threat analysis is versioned alongside the architecture it describes.
05 Lint & Code Quality
Strict Lint
Strict linting enforced — zero warnings policy
Linter runs at warning-as-error level. No suppressions without documented justification in PR description.
Formatter enforced — no style drift, no reviewer distraction
Automated formatting check ensures code review stays focused on logic, not style.
06 Test Coverage
>90% Coverage
90% minimum coverage threshold — enforced in CI
PR merge is blocked if total coverage drops below 90%. Coverage is measured at line, branch, and function level.
Security-critical paths require dedicated test coverage
RBAC enforcement, ZK channel negotiation, and quorum logic have dedicated security regression test suites.
HOW WE BUILD
🔐
Secrets Management
No secrets in source control, environment variables, or build logs. All secrets stored in a dedicated secrets manager with audit logging. Rotation enforced on a defined schedule.
0
Secrets found in repo history
🛡
Dependency Hygiene
All dependencies pinned by hash. Automated dependency update PRs with security advisory check. No direct dependency on packages with known critical CVEs.
0
Open critical CVEs
🔑
Access Control
Principle of least privilege enforced at every layer. Production access requires MFA, is time-limited, and fully logged. No standing production access for engineers.
MFA
Required for all production access
📋
Policy-as-Code
Security policies are defined in code, version controlled, and automatically validated. Our custom AST enforces agentic security policy at the source level — not just at runtime.
AST
Compile-time policy enforcement
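The following is an added illustration, written for this page in Python, of what source-level policy-as-code validation of agent tool calls can look like (the Custom AST gate under 01 Static Analysis and the Policy-as-Code card above). It is not Ruachiel's proprietary analyzer. It assumes, hypothetically, that agent code invokes tools through a function named call_tool whose first argument is the tool name, and it checks three constructed policy rules: tool names must be string literals (otherwise nothing can be verified before runtime), only allowlisted tools may be invoked, and tools marked as high-stakes must opt in to quorum approval at the call site. The sample agent module and policy at the bottom are constructed inputs.

```python
"""Illustrative policy-as-code AST check for agent tool calls.

Added example, not Ruachiel's proprietary analyzer. It assumes (hypothetically)
that agent code invokes tools through a function named `call_tool` whose first
argument is the tool name, and that a policy lists which tools a module may
use and which of them require quorum approval.
"""
import ast
from dataclasses import dataclass


@dataclass(frozen=True)
class ToolPolicy:
    allowed_tools: frozenset[str]                # tools this agent module may call
    quorum_tools: frozenset[str] = frozenset()   # must be called with require_quorum=True


@dataclass(frozen=True)
class Violation:
    line: int
    message: str


CALL_NAME = "call_tool"  # hypothetical tool-invocation function name


def _is_tool_call(node: ast.Call) -> bool:
    """Match both `call_tool(...)` and `agent.call_tool(...)`."""
    func = node.func
    if isinstance(func, ast.Name):
        return func.id == CALL_NAME
    if isinstance(func, ast.Attribute):
        return func.attr == CALL_NAME
    return False


def _keyword_is_true(node: ast.Call, name: str) -> bool:
    """True only if the call passes `name=True` as a literal keyword argument."""
    for kw in node.keywords:
        if kw.arg == name:
            return isinstance(kw.value, ast.Constant) and kw.value.value is True
    return False


def check_source(source: str, policy: ToolPolicy) -> list[Violation]:
    """Return every policy violation found in `source` without executing it."""
    violations: list[Violation] = []
    for node in ast.walk(ast.parse(source)):
        if not isinstance(node, ast.Call) or not _is_tool_call(node):
            continue
        # Rule 1: the tool name must be a string literal so it can be validated
        # statically; a name computed at runtime cannot be audited here.
        first = node.args[0] if node.args else None
        if not (isinstance(first, ast.Constant) and isinstance(first.value, str)):
            violations.append(Violation(node.lineno, "tool name must be a string literal"))
            continue
        tool = first.value
        # Rule 2: default deny, only allowlisted tools may be invoked.
        if tool not in policy.allowed_tools:
            violations.append(Violation(node.lineno, f"tool {tool!r} not in allowlist"))
        # Rule 3: high-stakes tools must opt in to quorum approval at the call site.
        if tool in policy.quorum_tools and not _keyword_is_true(node, "require_quorum"):
            violations.append(Violation(node.lineno, f"tool {tool!r} requires require_quorum=True"))
    return violations


# Constructed sample agent module (not real product code).
SAMPLE_AGENT = '''
def run(agent, ticket):
    agent.call_tool("search_docs", query=ticket.text)
    agent.call_tool("refund_customer", amount=ticket.amount, require_quorum=True)
    agent.call_tool("refund_customer", amount=ticket.amount)
    agent.call_tool("delete_account", user=ticket.user)
    name = "search_docs"
    agent.call_tool(name)
'''

# Constructed policy for the sample module.
SAMPLE_POLICY = ToolPolicy(
    allowed_tools=frozenset({"search_docs", "refund_customer"}),
    quorum_tools=frozenset({"refund_customer"}),
)

if __name__ == "__main__":
    for v in sorted(check_source(SAMPLE_AGENT, SAMPLE_POLICY), key=lambda v: v.line):
        print(f"line {v.line}: {v.message}")
```

Running the block reports three findings in the sample module: the refund call without require_quorum=True, the non-allowlisted delete_account call, and the call whose tool name is a variable. The last one is the important design point: a static gate can only vouch for what it can see, so a policy that wants compile-time enforcement has to refuse call sites it cannot resolve rather than silently skip them.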
🧵
Incident Response
Severity-classified incident response process with defined escalation paths. Post-mortems published internally after production incidents. Formal IR playbook and tabletop exercises are on the roadmap.
24h
Target critical severity response time
📊
Audit Logging
Every tool call, approval vote, RBAC decision, and authentication event is logged to Firestore with structured JSON. Append-only semantics and tamper-evident hash-chaining are planned enhancements.
90d
Audit trail retention (current)
SECURITY IS THE ARCHITECTURE
Encryption
Zero-Knowledge Execution
Tool inputs and outputs are end-to-end encrypted. The orchestration plane routes calls without decrypting contents. No plaintext tool data transits Ruachiel infrastructure.
Enforced
Authorization
RBAC Tool Enforcement
Every tool call is authorized against the caller's role before execution. Authorization is enforced at the control plane — not in application code. No role, no execution.
Enforced
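As an added example (Python, written for this page and not Ruachiel's code), the block below shows the two properties described by the Authorization card above and by the Audit Logging card under HOW WE BUILD: every tool call is authorized against the caller's role in a control-plane dispatcher before the tool body runs, with default deny, and every decision is written as a structured JSON event. The role table ROLE_TOOLS, the tool functions and the event layout are constructed here. The events are hash-chained so that editing, dropping or reordering one breaks verification; the page lists tamper-evident hash-chaining as a planned enhancement, so this shows the idea, not any shipped format.

```python
"""Illustrative control-plane RBAC check with a structured, hash-chained audit log.

Added example, not Ruachiel's code. The role-to-tool mapping, tool functions
and event shape are constructed. Hash-chaining is shown as an illustration of
the tamper-evident logging the page describes as planned.
"""
import hashlib
import json
from datetime import datetime, timezone
from typing import Callable, Optional

# Constructed policy: which tools each role may invoke. Anything absent is denied.
ROLE_TOOLS: dict[str, frozenset[str]] = {
    "viewer": frozenset({"search_docs"}),
    "support_agent": frozenset({"search_docs", "lookup_customer"}),
    "finance_admin": frozenset({"search_docs", "lookup_customer", "refund_customer"}),
}


class AuditLog:
    """Append-only list of JSON events, each carrying the hash of its predecessor."""

    GENESIS = "0" * 64

    def __init__(self) -> None:
        self.events: list[dict] = []

    @staticmethod
    def _digest(prev_hash: str, payload: dict) -> str:
        # Canonical JSON so the same payload always hashes the same way.
        body = json.dumps(payload, sort_keys=True, separators=(",", ":"))
        return hashlib.sha256((prev_hash + body).encode()).hexdigest()

    def append(self, payload: dict) -> dict:
        prev = self.events[-1]["hash"] if self.events else self.GENESIS
        event = {"seq": len(self.events), "prev_hash": prev, "payload": payload,
                 "hash": self._digest(prev, payload)}
        self.events.append(event)
        return event

    def verify(self) -> bool:
        """Recompute the chain; any edited, removed or reordered event breaks it."""
        prev = self.GENESIS
        for seq, ev in enumerate(self.events):
            if ev["seq"] != seq or ev["prev_hash"] != prev:
                return False
            if ev["hash"] != self._digest(prev, ev["payload"]):
                return False
            prev = ev["hash"]
        return True


class ControlPlane:
    """Authorizes every tool call before dispatch; denied calls never reach a tool."""

    def __init__(self, tools: dict[str, Callable[..., object]], log: AuditLog) -> None:
        self.tools = tools
        self.log = log

    def call_tool(self, caller: str, role: Optional[str], tool: str, **kwargs: object) -> object:
        # Default deny: no role, an unknown role, or a tool outside the role's set is refused.
        allowed = role is not None and tool in ROLE_TOOLS.get(role, frozenset())
        self.log.append({
            "ts": datetime.now(timezone.utc).isoformat(),
            "event": "rbac_decision",
            "caller": caller, "role": role, "tool": tool,
            "decision": "allow" if allowed else "deny",
        })
        if not allowed:
            raise PermissionError(f"{caller} ({role}) may not call {tool}")
        return self.tools[tool](**kwargs)


# Constructed tools standing in for real integrations.
def _search_docs(query: str) -> list[str]:
    return [f"doc matching {query!r}"]

def _lookup_customer(customer_id: str) -> dict:
    return {"id": customer_id, "tier": "standard"}

def _refund_customer(amount: int) -> str:
    return f"refunded {amount}"

TOOLS: dict[str, Callable[..., object]] = {
    "search_docs": _search_docs,
    "lookup_customer": _lookup_customer,
    "refund_customer": _refund_customer,
}


def demo() -> tuple[list[str], bool]:
    """Run a few calls; return the logged decision sequence and whether the chain verifies."""
    log = AuditLog()
    cp = ControlPlane(TOOLS, log)
    cp.call_tool("alice", "finance_admin", "refund_customer", amount=40)
    cp.call_tool("bob", "viewer", "search_docs", query="tls")
    for caller, role, tool in [("bob", "viewer", "refund_customer"), ("mallory", None, "search_docs")]:
        try:
            cp.call_tool(caller, role, tool)
        except PermissionError:
            pass
    return [e["payload"]["decision"] for e in log.events], log.verify()


if __name__ == "__main__":
    print(demo())
```

The check lives in the dispatcher rather than inside each tool, which is what "enforced at the control plane, not in application code" buys you: a new tool cannot forget to authorize, and a denied call is logged before any tool code executes.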
Injection Prevention
Plan/Execute Isolation
Raw user input never reaches a tool-enabled agent. A planning layer transforms and sanitizes input before the executor sees it. Prompt injection is architecturally prevented.
Enforced
Human Override
Quorum Approval Delegation
High-stakes tool calls can require multi-party approval with MFA-gated voting. Configurable quorum threshold. Every vote is signed, timestamped, and immutably logged.
Available
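As an added example (Python, written for this page and not Ruachiel's implementation), the block below works through the quorum approval described above: each vote is bound to a request id, carries a timestamp and an MFA flag, is authenticated by its approver, and is kept in an append-only list; the call is approved only once the configured threshold of approvals is reached. Votes are authenticated with per-approver HMAC keys as a stand-in for real digital signatures, and APPROVER_KEYS, sign_vote, the vote shape and the freshness window are all constructed here.

```python
"""Illustrative quorum approval for a high-stakes tool call.

Added example, not Ruachiel's implementation. Votes are authenticated with
per-approver HMAC keys (a stand-in for real digital signatures), carry a
timestamp and the request id they approve, and are kept in an append-only list.
The approver registry, MFA flag and freshness window are constructed here.
"""
import hashlib
import hmac
import json
import time
from dataclasses import dataclass
from typing import Optional

# Constructed registry: approver id -> verification key. In a real deployment this
# would be a public key registered after MFA enrolment, not a shared secret.
APPROVER_KEYS: dict[str, bytes] = {
    "alice": b"alice-secret-key",
    "bob": b"bob-secret-key",
    "carol": b"carol-secret-key",
}


@dataclass(frozen=True)
class Vote:
    request_id: str      # the exact tool call this vote applies to
    approver: str
    decision: str        # "approve" or "reject"
    mfa_verified: bool   # set by the voting UI only after a fresh MFA challenge
    timestamp: float
    signature: str       # hex HMAC over the canonical vote body


def _vote_body(request_id: str, approver: str, decision: str,
               mfa_verified: bool, timestamp: float) -> bytes:
    # Every field that matters for the decision is inside the signed body, so none
    # of them (including the MFA flag) can be altered after signing.
    return json.dumps(
        {"request_id": request_id, "approver": approver, "decision": decision,
         "mfa_verified": mfa_verified, "timestamp": timestamp},
        sort_keys=True, separators=(",", ":"),
    ).encode()


def sign_vote(key: bytes, request_id: str, approver: str, decision: str,
              mfa_verified: bool, timestamp: Optional[float] = None) -> Vote:
    """Produce a signed vote (what the approver's client would do)."""
    ts = time.time() if timestamp is None else timestamp
    sig = hmac.new(key, _vote_body(request_id, approver, decision, mfa_verified, ts),
                   hashlib.sha256).hexdigest()
    return Vote(request_id, approver, decision, mfa_verified, ts, sig)


class QuorumApproval:
    """Collects votes for one request and answers whether the quorum is met."""

    def __init__(self, request_id: str, threshold: int, max_vote_age: float = 300.0) -> None:
        if threshold < 1:
            raise ValueError("threshold must be at least 1")
        self.request_id = request_id
        self.threshold = threshold
        self.max_vote_age = max_vote_age
        self.votes: list[Vote] = []   # append-only record; nothing is ever removed

    def cast(self, vote: Vote, now: Optional[float] = None) -> None:
        """Validate and record a vote; raise on anything that must not count."""
        now = time.time() if now is None else now
        if vote.request_id != self.request_id:
            raise ValueError("vote is bound to a different request")   # no replay across calls
        if vote.decision not in ("approve", "reject"):
            raise ValueError("decision must be approve or reject")
        key = APPROVER_KEYS.get(vote.approver)
        if key is None:
            raise PermissionError(f"unknown approver {vote.approver!r}")
        expected = hmac.new(key, _vote_body(vote.request_id, vote.approver, vote.decision,
                                            vote.mfa_verified, vote.timestamp),
                            hashlib.sha256).hexdigest()
        if not hmac.compare_digest(expected, vote.signature):
            raise PermissionError("vote signature does not verify")
        if not vote.mfa_verified:
            raise PermissionError("vote was not MFA-gated")
        if not (now - self.max_vote_age <= vote.timestamp <= now + 60):
            raise ValueError("vote timestamp is stale or in the future")
        if any(v.approver == vote.approver for v in self.votes):
            raise ValueError(f"{vote.approver} already voted")   # one vote per approver
        self.votes.append(vote)

    def approvals(self) -> int:
        return sum(1 for v in self.votes if v.decision == "approve")

    def approved(self) -> bool:
        return self.approvals() >= self.threshold


if __name__ == "__main__":
    q = QuorumApproval("req-42", threshold=2)
    q.cast(sign_vote(APPROVER_KEYS["alice"], "req-42", "alice", "approve", True))
    q.cast(sign_vote(APPROVER_KEYS["bob"], "req-42", "bob", "approve", True))
    print("approved:", q.approved())
```

Two details carry most of the security value: the request id is inside the signed body, so an approval captured for one call cannot be replayed against another, and the MFA flag is signed too, so it cannot be flipped by whoever relays the vote. The freshness window bounds how long a signed approval stays usable if it leaks.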
Encryption at Rest
Data Encryption
All customer data encrypted at rest with AES-256. Encryption keys managed per-tenant with rotation. Keys never leave the dedicated key management service.
AES-256
Transport
TLS Everywhere
All external and internal traffic encrypted with TLS 1.3 minimum. Certificate pinning enforced for internal service communication. HSTS preloaded.
TLS 1.3+
YOUR DATA, YOUR RULES
🗂
Data Residency
Tenant data stored in the region of your choice. EU, US, and APAC regions available. Data never replicated across region boundaries without explicit configuration.
🗑
Deletion & Retention
Tenant data deleted within 30 days of account termination. Configurable retention policies per data type. Deletion is cryptographic — keys destroyed, data unrecoverable.
🚫
No Training on Your Data
Customer data and tool execution outputs are never used to train models. Ruachiel does not retain tool inputs or outputs beyond the tenant's configured retention window.
📤
Data Portability
Full data export available on request in machine-readable format. Audit logs, persona configurations, and conversation history exportable at any time.
THIRD-PARTY TRANSPARENCY
Provider · Purpose · Regions
Google Cloud Platform · Infrastructure, compute, storage · US / EU / APAC
Google Vertex AI · LLM inference (default model) · US / EU
Anthropic · LLM inference (optional) · US
Stripe · Payment processing · US
SendGrid · Transactional email (invites, alerts) · US
Datadog · Observability, error tracking · US / EU
RESPONSIBLE DISCLOSURE
Security Vulnerability Reporting
We operate a responsible disclosure program. If you discover a security vulnerability in Ruachiel's platform, infrastructure, or products, please report it to us privately before public disclosure. We commit to acknowledging reports within 24 hours, providing a remediation timeline within 72 hours for critical findings, and crediting researchers who report responsibly.

We do not pursue legal action against researchers who discover and disclose vulnerabilities in good faith in accordance with this policy. Bug bounty program coming Q2 2026.
security@ruachiel.io