Engineered for the procurement review
you

Four guarantees

Properties of the system. Not promises in marketing.

Each one is verifiable in the platform itself. They hold whether you have one tenant or ten thousand.

• Per-tenant DEK encryption

  Every secret sealed with a tenant-specific data encryption key. The DEK is wrapped by your KEK — which you control. We never see plaintext.

• Row-level security

  Postgres RLS on every table, JWT-scoped. Cross-tenant leaks impossible at the database layer, not the application layer.

• Write-once audit log

  Every state change writes a row. UPDATE / DELETE rejected at the SQL layer. Tamper-evident. Exportable on demand.

• Approval gate by default

  Drafts wait for human review unless explicitly auto-published per channel. Crisis cases never auto-publish, period.

• Risk score per action

  Each agent action scored 0–1 for risk. Threshold-tunable per tenant. High-risk routes to mentor automatically.

• Honeytokens deployed

  Decoy credentials across the platform. Touch one, the incident workflow fires within seconds.

Built-in defenses

What ships in every BlackBit Brain tenant.

• STRIDE threat model · public

  Every new feature threat-modeled before merge. Current model lives in the repo. Auditable.

• Jailbreak Atlas

  Every adversarial prompt the fleet has encountered, with the mitigation that defeats it.

• Monthly purple-team

  Argus's department runs red/blue exercises. Findings either become tests or honeytokens.

• PII redaction at boundary

  Emails + phones replaced with placeholders before audit-log replication. Original lives encrypted in tenant column.

• Idempotency by construction

  Replay any event without producing duplicates. Useful for both reliability and forensics.

• Quarterly compliance review

  Enterprise customers get a quarterly walkthrough of their tenant's security posture, control checks, audit completeness.