Security is the product.
Veridra is the evidence layer regulated enterprises depend on. That role imposes security obligations that are stricter than those of the systems we assure. Our architecture starts from that premise.
If Veridra were compromised, the assurance it produces would be unreliable, and every customer depending on that assurance would face regulatory consequences. We accept this weight.
Three foundational principles
Verifiable without trust
Our architecture is designed so customers can verify their own evidence without trusting Veridra's honesty or availability. This is not marketing — it is a foundational commitment encoded in our open-source verification CLI and public transparency log design. If Veridra shut down tomorrow, your signed decisions would still verify with math alone. This inverts the usual vendor relationship: we do not get to ask for trust; we produce artifacts that are verifiable on their own terms.
Minimize what we can betray
We hold the minimum data necessary. Signing keys never enter our infrastructure — they live in your KMS (AWS KMS, Azure Key Vault, GCP KMS, HashiCorp Vault, or PKCS#11 HSM). AI decision content is hashed at the SDK before transmission, so Veridra never sees the inputs or outputs your models process. If we were breached tomorrow, the material extractable from us is deliberately limited to metadata — who signed what, when, to which transparency log entry — not what the decision actually said.
Publish what we know, mark what we don't
Our security disclosures distinguish controls in place, controls in progress, and mapped controls. "SOC 2 Type II observation starts Q3 2026" is honest. "SOC 2 compliant" would be an overclaim. "FedRAMP Moderate mapped" is honest. "FedRAMP authorized" would still be a misrepresentation. Sophisticated customers look for this distinction; we commit to maintaining it even as we grow past the point where overclaims become less conspicuous.
Architecture overview
Zero-trust network
No implicit trust between services. mTLS on every internal call, enforced by Istio ambient mesh. Service identity via SPIFFE/SVID with 4-hour rotation. Workload identity through the cloud provider, not long-lived service accounts with static credentials. Secrets issued dynamically by HashiCorp Vault with short TTLs.
Identity and access
Employee identity through SSO (Okta or equivalent) with mandatory WebAuthn hardware keys for production access. No long-lived API keys for engineers. Time-limited privilege elevation with approval workflow. Every privileged action logged to the immutable audit trail and itself signed.
Build and supply chain
Hermetic Bazel builds, reproducible across independent build hosts. SLSA Level 3 build provenance (Level 4 on roadmap). Every production container signed with Cosign; unsigned images rejected at admission. SBOMs in CycloneDX format attached to every release. Dependency updates reviewed individually, not batched.
Data boundaries
Tenant isolation at database, bucket, and transparency-log levels. Residency enforced at the infrastructure layer — EU data stays in EU, UK in UK, US in US. Cross-region replication off by default. Customer-initiated deletion honored within 30 days; cryptographic integrity preserved across deletions.
Vulnerability disclosure
We maintain a vulnerability disclosure process through security.txt, following RFC 9116 conventions. Security researchers may contact security@veridra.io. Our PGP key is published at /.well-known/veridra-security-pgp.asc.
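A check that a customer or researcher could run against any vendor's security.txt, given here as an added example that is not Veridra's code: it tests the RFC 9116 rules on required fields, single-occurrence fields, expiry, and https-only web URIs. The sample file, `example.com`, and the function names are constructed for illustration.

```python
from datetime import datetime, timezone

# Constructed sample: example.com and the Expires date are placeholders.
SAMPLE = """\
Contact: mailto:security@example.com
Expires: 2099-01-01T00:00:00Z
Encryption: https://example.com/.well-known/security-pgp.asc
Preferred-Languages: en
"""

URI_FIELDS = ("contact", "encryption", "policy", "acknowledgments", "canonical", "hiring")

def parse_fields(text):
    """Map each lowercased field name to its list of values."""
    fields = {}
    for raw in text.splitlines():
        line = raw.strip()
        if not line or line.startswith("#") or ":" not in line:
            continue  # comments, blank lines, PGP armor markers
        name, _, value = line.partition(":")
        fields.setdefault(name.strip().lower(), []).append(value.strip())
    return fields

def check_security_txt(text, now=None):
    """Return RFC 9116 findings for one file; an empty list means it passes."""
    now = now or datetime.now(timezone.utc)
    fields, findings = parse_fields(text), []
    if not fields.get("contact"):
        findings.append("Contact is required")
    expires = fields.get("expires", [])
    if len(expires) != 1:
        findings.append("Expires must appear exactly once")
    else:
        try:
            when = datetime.fromisoformat(expires[0].replace("Z", "+00:00"))
            if when.tzinfo is None:
                findings.append("Expires needs a UTC offset")
            elif when <= now:
                findings.append("Expires is in the past")
        except ValueError:
            findings.append("Expires is not an RFC 3339 timestamp")
    if len(fields.get("preferred-languages", [])) > 1:
        findings.append("Preferred-Languages may appear at most once")
    for name in URI_FIELDS:
        for value in fields.get(name, []):
            if value.lower().startswith("http://"):
                findings.append(f"{name}: web URIs must use https://")
    return findings

if __name__ == "__main__":
    print(check_security_txt(SAMPLE) or "no findings")
```

An expired or missing `Expires` value is the finding that matters most in practice, since it means the contact details can no longer be assumed current.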
Safe harbor
Veridra does not pursue legal action against researchers who make a good-faith effort to avoid privacy violations, destruction of data, interruption of service, or harm to customers; who only interact with accounts they own or have explicit permission to test; and who give Veridra reasonable time to respond before public disclosure. This is an explicit, written, binding safe harbor.
Response SLAs
- P0 (Critical): acknowledge within 2 hours, triage within 6 hours, fix within 24 hours, patch released within 48 hours.
- P1 (High): acknowledge within 8 hours, triage within 2 business days, fix within 7 days, patch released within 14 days.
- P2 (Medium): acknowledge within 2 business days, fix within 30 days, patch within 60 days.
- P3 (Low): acknowledge within 5 business days, fix within 90 days, patch with the next scheduled release.
Acknowledgments
We recognize good-faith security researchers who help improve Veridra's security posture through coordinated disclosure. If you would like public credit after remediation and coordinated disclosure are complete, tell us in your report and we will confirm the acknowledgment wording with you before publication.
Incident response
Every P0 or P1 incident is handled by a designated Security Response Team with on-call rotation, clear incident commander authority, and published communication commitments. Affected customers are notified within 24 hours of confirmed exploitation. No customer finds out about a Veridra incident from social media before they find out from us. Postmortems are signed, published to affected customers within 14 days, and shared publicly where the incident is of public interest.