
Security & Compliance

Security controls, data sovereignty, and explainable AI decisions for enterprise review

Controls & Standards

SOC 2 Readiness

Controls aligned to SOC 2 security, availability, confidentiality, and privacy criteria, with audit evidence collection designed for enterprise review.

Regional Compliance

Data residency options for AU, EU, and US regions. GDPR-, CCPA-, and PIPEDA-compliant data handling with configurable data retention policies.

Industry Standards

Support for healthcare and financial-services control mapping, including HIPAA-sensitive and PCI-DSS-aligned assessment evidence. Government requirements are handled through deployment design and roadmap planning.

Impact Level Support

Architecture designed for defense contractor requirements, including air-gapped deployment options and zero external dependencies.

Data Sovereignty & Deployment

Your infrastructure. Your data. Your control. No cloud dependency required.

On-Premise (Recommended)

  • 30 tokens/sec on commodity hardware (sufficient for scheduled testing)
  • Complete data sovereignty—attack surface and findings never leave your network
  • Local LLM hosting for classified/sensitive environments
  • Air-gapped operation fully supported
  • No cloud egress costs or deployment premiums

Cloud Deployment (Optional)

  • Thousands of tokens/sec with H100 GPUs for maximum speed
  • Fully managed infrastructure—no hardware procurement
  • Regional data residency (AU, EU, US)
  • Automatic scaling for burst workloads

Transparency & Community

Open Source Contributions

We contribute security tools to the community under appropriate licenses at github.com/s6securitylabs. This demonstrates our commitment to transparency and community engagement while maintaining enterprise proprietary IP protection.

Component Disclosure

All licensed open source components are fully disclosed with SBOM documentation

Clear Licensing

Transparent licensing for all dependencies with compliance documentation

Community Tools

Select tools released to community under appropriate open source licenses

100% Explainable AI & Audit Trails

Complete Forensic Logging

Every agent decision, reasoning step, and action is logged with full forensic traceability. Provenance graphs show exact attack chains and evidence for each finding. No black box AI.

Enterprise Access Control

RBAC with granular permissions. SSO integration (SAML/OIDC). Multi-factor authentication. Complete audit logs for compliance and security reviews.

Compliance Reporting

Automated evidence collection for compliance frameworks. Findings mapped to NIST, OWASP, MITRE ATT&CK. Audit-ready reports with complete chains of custody.

Encrypted Communications

TLS 1.3 for all communications. AES-256 encryption at rest. Key management with hardware security module (HSM) support for maximum protection.