AgentLens Security
Public Security Trust Page

Security controls built for enterprise procurement and production AI

AgentLens is designed so legal, security, and engineering teams can evaluate controls without back-and-forth. This page summarizes the operating baseline for hosted deployments and enterprise rollouts.

Last updated: 2026-05-02
  • Active: Security headers enforced
  • Active: API key auth + RBAC minimum
  • Active: Audit events for governance actions
  • Active: Health/readiness endpoints published

Identity and Access

API endpoints require valid credentials, with a role-based access model and scoped admin actions.

  • API keys accepted via X-API-Key or ?api_key=.
  • RBAC baseline roles: admin, analyst, read_only.
  • Key rotation process is defined with audit evidence.

Network and Application Hardening

Security posture includes transport controls and default response protections on production traffic.

  • TLS is required for hosted traffic paths.
  • Headers include CSP, HSTS, frame and content-type protections.
  • Request-size limits reduce abuse risk on ingest endpoints.

Data Governance and Auditability

Operational and compliance actions are visible and traceable for legal and regulatory checks.

  • Export, delete, and retention actions are captured in audit events.
  • Compliance console supports evidence-oriented workflows.
  • Trace records support debugging and incident reconstruction.

Resilience and Recovery

Reliability controls cover runtime checks, backup policy, and incident communication paths.

  • Health endpoints: /healthz, /readyz, /health.
  • Backup and restore process is documented with drill expectations.
  • Uptime workflow supports proactive alerting.

Vulnerability Reporting

Security reports are reviewed through a documented intake flow.

  • Report channel: security@agentlens.one
  • Severity-based response and communication process is defined.
  • Enterprise customers can request direct security review calls.

Scope Note

This trust page represents the operational baseline and public controls summary. Contractual commitments are finalized in customer DPA/SLA documents.