Security at every layer.
From encrypted storage and tenant isolation to cryptographic evidence verification — RadMah AI is built secure from the ground up.
Security Practices
Built secure from the ground up
AES-256 Encryption + TLS 1.3
All data at rest is AES-256 encrypted in AWS S3 and RDS via envelope encryption. All API and inter-service communication runs over TLS 1.3 with HSTS enforced. Database connections are SSL-pinned.
Multi-Tenant Isolation
Every tenant operates in a logically isolated environment — separate database schemas, S3 key prefixes, Celery queues, and API key scoping. Row-level security enforced at every query. Zero cross-tenant data leakage by design.
Write-Only Secret Vault
Connector credentials, OAuth tokens, and API secrets follow a strict write-only pattern. Once written, a secret can only be rotated or deleted — never read back through any API. In production, all secrets are resolved exclusively from AWS Secrets Manager. Missing secret = hard failure, no silent fallback.
Immutable Audit Logging
Every API call, data access, job submission, and administrative action is logged with actor identity, timestamp, IP address, tenant context, and request ID. Audit logs are append-only, SIEM-ready, and retained per compliance requirements.
Zero-Trust Network Architecture
All API endpoints require authentication. No implicit trust between microservices — each service validates the caller. API keys carry granular scoped permissions. Rate limiting, abuse detection, WAF, and CloudFront DDoS protection on all public surfaces.
Cryptographic Evidence Chain
Every job unconditionally produces a signed evidence bundle. The final Cryptographic Seal is the cryptographic seal binding every artefact, forming a Merkle-style tamper chain. Modifying any artefact breaks the seal. Artefacts include the sealed contract commitment, Determinism Proof, Privacy Report, Utility Metrics, and more.
Deterministic Reproducibility
Every job is seeded by a sealed contract specification. The same sealed contract plus the same seed produces bit-for-bit identical output on any machine, at any future time. Proved by the BLAKE3 Determinism Proof (artifact #4) — any third party can independently re-run and verify the output hash.
Sealed Specification Registry
Every the sealed contract specification is cryptographically hashed and can be saved to the sealed specification store. Registered seals are stored in S3 and indexed for deterministic replay. Submitting the same sealed contract twice returns the existing seal ID — idempotent, tamper-proof, independently auditable.
MFA, SSO, and SCIM Provisioning
All accounts support multi-factor authentication. Enterprise tenants get SAML 2.0, OIDC (Okta, Azure AD, Google Workspace), and SCIM 2.0 for automated directory provisioning and deprovisioning. API keys are issued once and never retrievable — rotation creates a new key.
Pen-Testing & CVE Bounty
All public API surfaces are covered by a security review programme. Critical CVE count: 0. Security architecture documentation available under NDA for Enterprise customers.
API Key Lifecycle Management
API keys are issued once and stored only as a one-way hash — the raw key is never retrievable after creation. Each key carries tenant-scoped permissions. Keys can be rotated (old key instantly invalidated) or deleted via API or dashboard. Automated expiry policies are available on Enterprise plans.
Data Retention & Right to Erasure
Customers configure dataset retention periods (30, 90, 365 days, or custom). Job outputs, evidence bundles, and the sealed contract specifications are deleted on schedule with cryptographic confirmation. Right-to-erasure requests are fulfilled within 72 hours in compliance with GDPR Article 17. Deletion events appear in the immutable audit trail.
Compliance
Certifications & Compliance
Cryptographic Evidence
Every generation job produces a cryptographically sealed evidence bundle: the sealed contract, Schema Manifest, Quality Report, Determinism Proof, Privacy Analysis, Bias Report, Lineage Graph, Relation-Closure Certificate, and Cryptographic Seal.
Full Audit Trail
Every action — logins, API calls, job submissions, billing events, key rotations — is logged with immutable audit entries. Tenant-isolated, timestamped, and queryable from the admin dashboard.
Privacy by Design
Synthetic data generation avoids personal data by design. Every evidence bundle includes a Privacy Report with k-anonymity, l-diversity, t-closeness, and differential privacy metrics.
GDPR and UK GDPR
Data Processing Agreements available on request. Right-to-erasure fulfilled within 72 hours. Evidence bundles include privacy risk assessments for every job. No real PII in synthetic output.
Data Residency
Enterprise customers can pin data storage and processing to specific AWS regions — US East, EU West, and Asia Pacific available. Air-gapped on-premise deployments have no AWS dependency.
FedRAMP / ITAR Compatible
Air-gapped and on-premise Enterprise deployment options support FedRAMP and ITAR-controlled environments. Contact our security team for classified network deployment details.
Infrastructure
Hardened by design
Cloud Provider
Amazon Web Services (AWS) — multi-AZ deployments across US East, EU West, and Asia Pacific for high availability and data residency compliance.
Secret Management
AWS Secrets Manager in production — all credentials resolved at runtime, never stored in environment variables. Missing secret = hard failure, no fallback.
Database
Separate RDS PostgreSQL instances for Admin and Client APIs. Automated backups, point-in-time recovery, SSL-pinned connections, and row-level security at every query.
Object Storage
AWS S3 with server-side AES-256 encryption, versioning, and tenant-scoped prefix isolation. Evidence bundles stored with immutable object lock.
Network
VPC-isolated services, private subnets for all databases, NAT gateway egress, WAF (AWS WAF v2), and CloudFront DDoS protection on all public endpoints.
Job Queue
Celery workers with Redis broker — tenant-isolated queues (radmah-default, radmah-gpu, radmah-interactive). Worker isolation prevents cross-tenant job contamination.