Saluca builds governance and memory infrastructure for AI agents. Security is the product, so our controls are architectural: every governed request is authenticated, policy-checked, and written to a cryptographically signed audit — and with Tiresias-ZT self-hosted, your data never leaves your infrastructure. This page describes the controls in place today and where we are headed.
TLS 1.2+ in transit everywhere (automatic HTTPS, HSTS). Data encrypted at rest on managed cloud storage.
Request bodies are never stored — the audit keeps a SHA-256 digest only. Sensitive paths and fields are redacted before any write.
Per-tenant registries, row-level scoping, and per-tenant backends. One tenant can never read another's memory or audit.
Memory supports TTL, importance weighting, and temporal decay — data expires by policy rather than lingering indefinitely.
Every governed request — grant and deny — appends to a hash-chained, per-instance SoulKey-signed
audit trail. Any post-hoc edit breaks verification (aligned to OWASP ASI06). The trail is
cryptographically attributable, not just append-only, and can be verified independently at any time
(/admin/audit/verify). In HA, each node signs its own chain into a shared store for disaster recovery.
Deterministic prompt-injection screen (SoulGate) on the request path — blocks before forward.
SoulWatch: Sigma rules + per-agent baselines flag anomalies and license-integrity tampering.
Risk-scored agents/tenants are auto-quarantined and denied at the PEP until cleared.
Ship every audit event + detection to Splunk / Elastic / Sentinel (CEF/syslog or webhook). You keep the signal.
| Control | Status |
|---|---|
| Centralized logging (structured security events → Cloud Logging) | live |
| Uptime monitoring + alerting on the money path | live |
| Encrypted off-host backups, 30-day retention | live |
| Signed, pinned container images (GHCR) + CI test gates | live |
| Offline license verification (Ed25519) — no phone-home; air-gap capable | live |
| Software Bill of Materials (SBOM) published per release | roadmap |
| Asphodel (hosted) | Tiresias-ZT (self-hosted) | |
|---|---|---|
| Where data lives | Saluca-managed cloud | your infrastructure only |
| Who holds the keys | Saluca (per-tenant isolation) | you (per-instance SoulKey) |
| Audit trail | Saluca-managed, signed | yours, signed, never leaves |
| Air-gap | — | supported (offline licensing) |
We design to recognized control frameworks and are maturing toward formal attestation. We describe status honestly — we do not claim certifications we do not hold.
| Framework | Status |
|---|---|
| SOC 2 Type II | roadmap — our control posture is designed to the Trust Services Criteria; a formal third-party audit is on our roadmap (not yet in progress) |
| GDPR / CCPA | Data Processing Addendum + sub-processor list available; privacy by design (minimization, redaction, residency choice) |
| OWASP ASI | ASI06 (tamper-evident logging) enforced by the signed audit chain |
Legal terms — Terms of Service, Privacy Policy, DPA, Acceptable Use, sub-processors — are published at legal.saluca.com.
We welcome coordinated disclosure. Email security@saluca.com with steps to reproduce and impact. We acknowledge reports promptly, keep you updated through remediation, and credit reporters who wish to be named. Please do not test against other customers' data or degrade service.