Enterprise-Grade Security
Security is foundational to DecisionLedger AI, not an afterthought. Every layer of the platform is engineered to protect your data, ensure compliance, and give your team confidence that sensitive decisions stay secure.
Defense-in-Depth Architecture
Three layers of security protect your data from perimeter to storage. Every component is hardened, monitored, and encrypted by default.
Perimeter
- AWS WAFv2
- VPC isolation
- TLS 1.2+
- DDoS protection
Application
- Row-level security
- RBAC
- PII scanning
- Plugin sandbox
Data
- AES-256 at rest
- S3 Object Lock
- KMS encryption
- Encrypted backups
HIPAA Ready
HIPAA compliance features are available exclusively on the Enterprise plan.
- Business Associate Agreement (BAA)
- PHI Detection — all 18 Safe Harbor identifiers
- Automated Breach Detection (hourly)
- MFA required for all users
- Immutable Audit Trail (7-year retention)
- Security Risk Assessment (NIST SP 800-30)
DecisionLedger maintains administrative, physical, and technical safeguards per the HIPAA Security Rule. We execute Business Associate Agreements before any PHI processing, enforce PHI protections in code, and conduct formal Security Risk Assessments per NIST SP 800-30.
Our automated breach detection runs hourly, monitoring for suspicious patterns — excessive data access, PII spikes, cross-tenant probing, authentication anomalies, and off-hours activity.
Data Protection
Your data is isolated, classified, and protected at every layer. Row-level security ensures tenant boundaries are never crossed.
Row-Level Security
PostgreSQL RLS on 32+ tables — every query scoped to tenant.
Tenant Isolation
Full logical isolation at database, storage, and compute layers.
PII Scanning
Automated detection and classification on every model input.
Data Classification
4-tier sensitivity: public, internal, confidential, restricted.
Encrypted Backups
AES-256 daily backups with cross-region replication and PITR.
Access Control
Fine-grained identity and access management. Control exactly who can see, do, and approve across every resource.
MFA Required
TOTP multi-factor authentication is enforced for every user account — no exceptions, no opt-out. Combined with SSO/SAML 2.0 integration for enterprise identity providers.
Role-Based Access Control
Multi-tier RBAC defines exactly who can view, create, approve, export, or administer across every resource. Session management with configurable timeouts and concurrent session limits.
API Key Scoping
API keys can be scoped to specific resources, operations, and IP ranges. Keys support rotation schedules with zero-downtime rollover and full audit trail of usage.
Compliance Frameworks
SOC 2 Trust Service Assessment
Controls assessed against all five AICPA SOC 2 Type II trust service categories.
Formal security policy, 18 compliance documents, enterprise + AI risk registers
9 CloudWatch alarms, multi-region CloudTrail with log validation, immutable S3 audit logs
WAFv2, row-level security (32+ tables), plugin sandbox, Ed25519 signing, CI/CD security scanning
Cognito MFA, IAM least-privilege, RBAC, quarterly access reviews, provisioning procedures
ECS Fargate, ALB + container health checks, deployment circuit breaker, SNS alerting
Branch protection, PR approval, CI/CD gates: ruff, pytest, pip-audit, npm audit, bandit, Trivy
Incident response plan, disaster recovery plan, business continuity plan
Auto-scaling (2–6 tasks), RDS PITR (7-day), DR plan with 4-hour RTO, quarterly DR testing
JSON Schema validation, PII scanner (block mode), plugin sandbox (256MB / 30s timeout)
3-tier data classification, S3 lifecycle (Glacier at 90d), tenant offboarding procedures
Published privacy policy, PII scanner, encrypted sessions, right-to-erasure (30-day SLA)
Internal management self-assessment as of March 2026. Formal SOC 2 Type II audit engagement in progress.
Model Integrity & Trust Chain
Patent Pending
Every decision model is cryptographically signed, hash-verified, and enforced at runtime. Tampered or unsigned models never execute.
Sign
Ed25519 cryptographic signing binds code, metadata, and signer identity.
Hash
SHA-256 integrity hashes computed for every model artifact file.
Verify
On each load, platform re-hashes and compares — tampering detected instantly.
Enforce
Unsigned or hash-mismatched models are rejected at runtime. No exceptions.
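The hash, verify and enforce steps above, as an added Python example (not DecisionLedger's own code): a per-file SHA-256 manifest is rebuilt on each load, and an edited, added or missing file, or a missing manifest, causes rejection. The Ed25519 signature check over the manifest is assumed to have passed already and is not shown; all function names and the sample files are constructed for illustration.

```python
import hashlib
import hmac
import tempfile
from pathlib import Path

class ModelRejected(Exception):
    """Raised when a model directory does not match its manifest."""

def build_manifest(model_dir):
    """Hash step: map each artifact's relative path to its SHA-256 digest."""
    return {p.relative_to(model_dir).as_posix(): hashlib.sha256(p.read_bytes()).hexdigest()
            for p in sorted(model_dir.rglob("*")) if p.is_file()}

def verify_on_load(model_dir, manifest):
    """Verify and enforce: re-hash every file, raise on any difference."""
    if not manifest:
        raise ModelRejected("unsigned: no manifest")
    actual = build_manifest(model_dir)
    # Added or removed files count as tampering, not only edited ones.
    if set(actual) != set(manifest):
        raise ModelRejected("file set differs: %s" % sorted(set(actual) ^ set(manifest)))
    for name, expected in manifest.items():
        if not hmac.compare_digest(actual[name], expected):
            raise ModelRejected("hash mismatch: %s" % name)
    return True

def attempt(model_dir, manifest):
    """Return 'loaded' or the rejection reason for one load attempt."""
    try:
        verify_on_load(model_dir, manifest)
        return "loaded"
    except ModelRejected as exc:
        return str(exc)

def demo():
    """Run four load attempts against a constructed sample model directory."""
    with tempfile.TemporaryDirectory() as tmp:
        d = Path(tmp)
        (d / "model.py").write_text("def decide(x): return x > 10\n")
        (d / "meta.json").write_text('{"name": "sample"}')
        manifest = build_manifest(d)  # assumed to be covered by the signature
        results = [attempt(d, manifest), attempt(d, None)]
        (d / "model.py").write_text("def decide(x): return True\n")
        results.append(attempt(d, manifest))
        (d / "hook.py").write_text("import os\n")
        results.append(attempt(d, manifest))
    return results
```

Checking the file set before comparing digests is what catches a dropped-in extra file, which a loop over the manifest entries alone would miss.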
Audit & Monitoring
Continuous monitoring, proactive alerting, and immutable audit records. Know what happened, when, and why.
CloudWatch Alerting — 5 critical alarms with SNS escalation
Immutable S3 Storage — Object Lock compliance, admin-proof retention
Audit Log Export — JSON/CSV for SIEM ingestion and compliance reporting
Real-time anomaly detection identifies unusual access patterns, data exfiltration attempts, and privilege escalation.
Confidentiality Architecture
Purpose-built for organizations where data confidentiality is not optional — including legal teams that need privilege-aware processing.
AWS Bedrock VPC Isolation
All AI inference within your VPC via Bedrock. No data leaves the AWS cloud boundary.
Row-Level Tenant Isolation
PostgreSQL RLS on 39+ tables. Every query scoped to the requesting tenant.
Zero-Retention Mode
Inputs/outputs computed in memory, never persisted. Only audit metadata stored.
Privilege Designation
Attorney-client privilege with cryptographic attestation chains for litigation support.
Integrity Chain
SHA-256 hash chain for every lifecycle transition. Tamper-evident audit trail.
Data Boundary Enforcement
Patent Pending
Per-artifact-class encryption and multi-strategy redaction at the execution runtime.
