Trust · Security · Responsible AI

Trust is a spec,
not a slogan.

We document exactly where your data goes, which third parties touch it, what controls you hold, and where every compliance commitment stands — including the ones we haven't finished yet. No marketing varnish.

At a glance

The commitments customers ask about most.

Live
Encryption in transit
TLS 1.3 end-to-end, HSTS enforced, wss:// for realtime.
Live
Encryption at rest
AES-256, daily encrypted backups, point-in-time recovery.
Live
No training on customer data
Contractual with our LLM provider. Non-negotiable.
Live
PII redaction, tiered
Off, partial or full — per tenant, applied before inference.
Live
Tenant isolation
Row-level filters on every query. No cross-tenant paths.
Live
Customer data export
Full JSON export of reports, audit events and config, any time.
In flight
Zero Data Retention (LLM)
Enterprise ZDR enablement in progress with Anthropic.
In flight
GDPR DPA
SCCs + data-processing addendum in drafting with privacy counsel.

Architecture

Three data flows. Each one documented.

Only one flow sends alert text to a large language model — and your redaction policy runs first. The rest either stays inside our boundary or performs anonymous, lookup-only queries.

Layer 1 · LLM inference

Alert text → Claude

PII-redacted alert text goes to Anthropic Claude for agent reasoning. Contractually never used for training; Zero Data Retention enablement in flight. Sovereign tier routes this through your Anthropic account.

Layer 2 · Intel lookups

One IOC at a time

VirusTotal and AbuseIPDB see individual indicators with zero surrounding context — lookup-only, never submission. A per-tenant kill switch disables external intel entirely.

Layer 3 · Stays local

Never leaves our boundary

MITRE mapping, your knowledge base, asset registry, block lists, the audit log and final reports live inside the SyberOps boundary. Full stop.


Deployment tiers

Choose your data-residency posture.

Most agentic SOC vendors offer one deployment model. We offer four — from convenient to fully sovereign.

Tier 1

Standard

Our Anthropic workspace with ZDR, our keys, our billing. External intel enabled. The default for most commercial customers.

Available today
Tier 2

Privacy

Standard plus context-preserving PII redaction: users, emails and internal hosts tokenized before any model sees them. For healthcare, financial services and EU customers.

Available today
Tier 3

Sovereign

Bring your own Anthropic key. Every model call routes through your account, your ZDR setting, your billing. For government and large-enterprise CISO requirements.

Phase 2 · Q4 2026
Tier 4

Air-gap

No external APIs at all. SyberOps in your VPC with a local LLM. Full sovereignty for classified workloads and defense primes.

Phase 3 · Q1 2027

Responsible AI

Rules we hold our agents to.

Explainable by default
Every verdict ships with its reasoning chain and a calibrated confidence score — no black-box answers.
Human approval gates
Response actions can require analyst sign-off wherever you configure it. Autonomy is a dial, not a switch.
Prompt-injection defence
Alert content is wrapped and treated strictly as data; parsing is isolated from decision-making agents.
No training on your data
Customer data never trains models — ours or anyone else's. Contractual, not aspirational.
Append-only audit log
Every agent step, analyst action and outbound API call is recorded and customer-visible.
Staff access transparency
See every time a SyberOps engineer touched your tenant — logged automatically, shown in your dashboard.

Compliance roadmap

Where we are. Honestly.

We don't claim certifications we don't hold. Here's the real status of each commitment — the full detail, including subprocessors and customer-side controls, lives in the Trust Center.

Q3 2026
SOC 2 Type I
Audit kickoff scheduled with Vanta.
Q2 2027
SOC 2 Type II
Six-month observation window post-Type-I; report under NDA.
In flight
GDPR DPA
SCCs + addendum in drafting with privacy counsel.
Gated
HIPAA BAA
Redaction layer shipped; gated on LLM-provider BAA/ZDR provisioning.
Q4 2026
Penetration test
Annual cadence with a reputable firm; summary under NDA.
Q3 2026
Bug bounty
Public programme post-SOC-2-Type-I.
Q3 2027
ISO 27001
Stage-1 audit once SOC 2 Type II is in hand.
Live
Vulnerability disclosure
security@syberops.com · 24h acknowledgement · safe harbour for good-faith research.
Get started

Read the whole thing. We mean it.

Data flows, subprocessors, security controls and customer-side knobs — documented in full at the Trust Center.