// Security & Compliance

Built for regulated industries.
Zero compromises on security.

AIC operates with read-only diagnostic access only — never execute or modify. Your data never leaves your VPC. Full audit trail of every command executed. Designed to pass the toughest security reviews at banks, healthcare, and federal agencies.

Read-only diagnostic access
Zero inbound connections
Encryption at rest & in transit
Multi-tenant isolation
Full audit trail (SOC2-ready)
VPC-isolated deployment
Six security principles built into the architecture
Every design decision filtered through regulated-industry requirements. These principles are non-negotiable — baked into how AIC works.
// 01
Read-only by default
AIC executes only read-only diagnostic commands. Every remediation requires explicit human approval via Slack. No silent changes to your infrastructure.
// 02
Zero inbound connections
AIC Collectors initiate outbound HTTPS connections only. No open ports on your infrastructure. No firewall changes required. Standard corporate proxies supported.
// 03
Command allowlisting
Every command validated against explicit allowlists per technology. SQL queries parsed to verify SELECT-only. Destructive patterns blocked at multiple layers.
// 04
Data sovereignty
Diagnostic output redacted before leaving customer network. API keys, tokens, and secrets automatically scrubbed. CloudFormation VPC deployment keeps everything in your account.
// 05
Immutable audit trail
Every command queued, executed, blocked, or timed out is logged with tenant, user, incident, command, and output hash. Logs exported to your SIEM for regulatory compliance.
// 06
Tenant isolation
Hard isolation between customer tenants at API, database, and queue layers. Validated in production — Tenant A cannot access Tenant B data under any circumstance.
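An added example of the default-deny validation described under principle 03; it is not AIC's code. The allowlist entries, rule names and sample commands are assumptions made for illustration, and the SQL check is a lexical one rather than a full parser.

```python
import re
import shlex

# Hypothetical allowlist (technology -> rule name -> required argv prefix);
# these rules are assumptions for the example, not AIC's real rule set.
ALLOWLIST = {
    "aws": {"ecs-describe": ["aws", "ecs", "describe-services"],
            "rds-describe": ["aws", "rds", "describe-db-instances"]},
    "kubernetes": {"k8s-get": ["kubectl", "get"],
                   "k8s-describe": ["kubectl", "describe"]},
}
SHELL_META = re.compile(r"[;&|`$<>\\\n]")
WRITE_WORDS = re.compile(
    r"(?i)\b(insert|update|delete|drop|truncate|alter|create|grant|copy|into|call)\b")

def select_only(sql):
    """Fail-closed lexical check: a single SELECT with no write keywords or comments."""
    body = sql.strip().rstrip(";").strip()
    if ";" in body or "--" in body or "/*" in body:
        return False
    return bool(re.match(r"(?i)select\b", body)) and not WRITE_WORDS.search(body)

def validate(technology, command):
    """Return (allowed, matched_rule_or_block_reason). Default is deny."""
    if technology == "sql":
        return (True, "sql-select") if select_only(command) else (False, "not-select-only")
    if SHELL_META.search(command):          # layer 1: no chaining, substitution, redirects
        return False, "shell-metacharacter"
    try:
        argv = shlex.split(command)
    except ValueError:                      # unbalanced quotes
        return False, "unparseable"
    for rule, prefix in ALLOWLIST.get(technology, {}).items():
        if argv[:len(prefix)] == prefix:    # layer 2: explicit per-technology allowlist
            return True, rule
    return False, "not-allowlisted"

# Constructed sample commands (not taken from the page).
SAMPLES = [
    ("kubernetes", "kubectl get pods -n payments"),
    ("kubernetes", "kubectl delete pod api-7d9f"),
    ("aws", "aws ecs describe-services --cluster prod; aws ecs delete-service --service x"),
    ("sql", "SELECT pid, state FROM pg_stat_activity WHERE state <> 'idle'"),
    ("sql", "SELECT 1; DROP TABLE users"),
]
```

A keyword check cannot see side effects hidden inside function calls, so it belongs alongside a read-only database role, not in place of one. The returned rule name is the value an audit entry would record as the allowlist rule matched.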
What data actually leaves your environment?
The short answer: alert metadata and redacted diagnostic output. Not your customer data, not your application state, not your production secrets.
┌─────────────────────────────────────────────────────────────────┐
│ YOUR AWS ACCOUNT / VPC                                          │
│                                                                 │
│ [ Your Infrastructure ]        [ AIC Deployment ]               │
│ - RDS, ECS, Lambda             - ECS Fargate (VPC-isolated)     │
│ - Your app data                - Postgres (AIC-only data)       │
│ - Your secrets                 - Redis (ephemeral queue)        │
│                                                                 │
│ ───► Alert fires ───► AIC triage pipeline (metadata only)       │
│                       Runs diagnostics via IAM role             │
│                       (describe/get/list only)                  │
│                       Redact secrets from output                │
└─────────────────────────┼───────────────────────────────────────┘
                          │
                          │ HTTPS / TLS 1.3 (outbound only)
                          │
┌─────────────────────────┼───────────────────────────────────────┐
│ EXTERNAL SERVICES       │ (your choice of destinations)         │
│                         ▼                                       │
│ Slack API (your workspace, your webhook)                        │
│ Anthropic API (Claude for triage — text only, no PII)           │
│ AWS Bedrock (optional — Claude via AWS, stays in-region)        │
│ SES email (your SES, your domain)                               │
└─────────────────────────────────────────────────────────────────┘
What leaves your VPC: Alert title, description, service name, severity, redacted diagnostic output (secrets scrubbed), incident metadata.

What never leaves: Customer PII, application data, database contents, authentication tokens, encryption keys, API keys, passwords.

CloudFormation VPC mode: For the highest sensitivity, deploy AIC entirely inside your own VPC. Zero traffic to NovaAI infrastructure.
Compliance roadmap
AIC is architected to align with SOC2 Type II, ISO 27001, HIPAA, and FedRAMP Moderate controls. Formal certifications in progress — deployment model already supports the controls required.
| Framework | Relevance | Status |
|---|---|---|
| SOC 2 Type II | Security, availability, confidentiality controls for SaaS platforms | In progress · Q2 2026 |
| ISO 27001 | International standard for information security management | Planned · Q3 2026 |
| HIPAA BAA | Business Associate Agreement for healthcare customers | Available on request |
| AWS Marketplace | Verified seller, procurement via AWS billing | Listed |
| GDPR / CCPA | Data protection and privacy for EU/California residents | Architecturally compliant |
| PCI DSS | Payment card data — AIC never touches cardholder data | Out of scope (no CHD stored) |
| FedRAMP Moderate | Federal government cloud security authorization | Evaluation · 2027 |
Security controls in place today
Concrete implementation details — not just aspirational statements. These controls are validated in production.
// Encryption
TLS 1.3 in transit, AES-256 at rest
All API traffic via TLS 1.3. RDS Postgres encrypted with AWS KMS CMK. S3 SSE-KMS for logs. ECR image signatures verified before pull.
// Authentication
Tenant-scoped API keys + mTLS
Each customer gets unique API key bound to tenant_id. Validated via database lookup on every request. Collectors use mTLS certificates with HMAC-signed commands.
// Authorization
Least-privilege IAM for all AWS operations
AIC ECS task role has only describe/get/list permissions. No write, delete, or modify actions possible. Network Reachability Analyzer role is separate and tightly scoped.
// Network
VPC isolation + private subnets
AIC compute runs in private subnets. RDS has no public endpoint. Redis access restricted to AIC security group only. ALB enforces HTTPS; HTTP redirects automatically.
// Multi-tenancy
Hard tenant isolation with API enforcement
Every database query filtered by tenant_id from authenticated context. Validated in production: isolation test suite confirms tenant A cannot retrieve tenant B data under any attack vector.
// Audit
Immutable command execution log
Every command queued, executed, blocked, or failed is logged with timestamp, tenant, incident, command, allowlist rule matched, and output hash. Export to SIEM supported.
// Secrets
AWS Secrets Manager + automatic rotation
Zero secrets in environment variables or code. Database credentials, API keys, and Slack tokens stored in AWS Secrets Manager. Rotation enabled on schedule.
// Resilience
RDS Multi-AZ + daily encrypted backups
Production RDS runs Multi-AZ with automatic failover tested quarterly. 7-day backup retention with point-in-time recovery. CloudWatch alarms on CPU, memory, and connections.
// Data protection
Automatic secret redaction
AWS access keys (AKIA...), passwords, tokens, and API keys matched by regex and scrubbed before leaving customer network. Customers can add their own redaction patterns.
// Supply chain
SBOM + signed container images
Every release includes Software Bill of Materials. Container images signed with cosign. Dependencies scanned via Snyk. No known CVEs in production images.
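An added example combining the "Data protection" and "Audit" controls above (regex redaction with customer-supplied patterns, then a log entry carrying an output hash); it is not AIC's code. The patterns, field names and sample output are assumptions, and the hash chain is one possible way to make a log tamper-evident, which the page does not specify.

```python
import hashlib
import json
import re

# Illustrative patterns (assumptions, not AIC's real rules); group 1, if any, is kept.
PATTERNS = {
    "aws_access_key_id": re.compile(r"\b(?:AKIA|ASIA)[0-9A-Z]{16}\b"),
    "bearer_token": re.compile(r"(?i)\bbearer\s+[A-Za-z0-9._~+/=-]{16,}"),
    "keyed_secret": re.compile(
        r"(?i)(\w*(?:password|passwd|secret|token|api_?key)\w*\s*[=:]\s*)"
        r"(\"[^\"]*\"|'[^']*'|[^\s,;]+)"),
}

def redact(text, extra=None):
    """Scrub secrets; return (redacted_text, {pattern_name: hit_count})."""
    patterns = {**PATTERNS, **{k: re.compile(v) for k, v in (extra or {}).items()}}
    counts = {}
    for name, rx in patterns.items():
        def repl(m, name=name):
            kept = (m.group(1) or "") if m.re.groups else ""
            return f"{kept}[REDACTED:{name}]"
        text, n = rx.subn(repl, text)
        if n:
            counts[name] = n
    return text, counts

def _digest(obj):
    return hashlib.sha256(json.dumps(obj, sort_keys=True).encode()).hexdigest()

def audit_record(prev_hash, output, extra=None, **fields):
    """Hash-chained log entry holding only a hash of the redacted output."""
    redacted, counts = redact(output, extra)
    rec = {**fields, "redactions": counts, "prev": prev_hash,
           "output_sha256": hashlib.sha256(redacted.encode()).hexdigest()}
    rec["hash"] = _digest(rec)
    return rec, redacted

def verify_chain(records, genesis="0" * 64):
    prev = genesis  # each entry must link to the previous entry's hash
    for rec in records:
        body = {k: v for k, v in rec.items() if k != "hash"}
        if rec["prev"] != prev or rec["hash"] != _digest(body):
            return False
        prev = rec["hash"]
    return True

SAMPLE = ("db_password=hunter2 host=db.internal ticket=ACME-4411\n"  # constructed, fake values
          "aws_access_key_id: AKIAIOSFODNN7EXAMPLE\n"
          "Authorization: Bearer abcdefghijklmnop1234")
```

Recording per-pattern hit counts in the entry lets a reviewer confirm redaction ran without ever seeing the scrubbed values.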
Three deployment models for different risk profiles
Choose based on your regulatory and data residency requirements. All three use the same read-only principles.
// SaaS
AIC-managed
Run in NovaAI's AWS account. Fastest onboarding. Good for startups and mid-market. Data flows: alert metadata + redacted output only.
// VPC
Customer VPC (CloudFormation)
One-click CloudFormation deploys AIC inside your VPC. Zero traffic to NovaAI infrastructure. Recommended for enterprises and regulated industries.
// Air-gapped
Private deployment
On-prem or GovCloud deployment. Optional air-gapped mode with local Bedrock. For federal customers and classified environments. Enterprise tier.

Want the full security whitepaper?

Includes threat model, SOC2 readiness checklist, IAM policy templates,
CloudFormation security review, and penetration test results.
