Security

Enterprise-grade security built into every layer — from data ingestion through the MCP Gateway to model inference. Your data stays yours.

Zero-Trust Authentication

Every agent call routes through MCP Gateway — the single enforcement point for access control and audit logging. MCP Gateway supports five authentication methods to match your enterprise's security posture: API Key for service-to-service integrations, JWT Bearer for stateless token validation, OAuth 2.0 for delegated access with Azure AD or Okta, Mutual TLS for certificate-based zero-trust environments, and On-Behalf-Of (OBO) for delegated user identity flows where the agent acts as the authenticated user downstream.

Automated Compliance Validation

Build Studio runs 73 automated compliance checks on every agent design before generating a deployment package. Checks span four frameworks: GDPR (data classification, consent tracking, right-to-erasure hooks), SOC 2 (access control, audit logging, processing integrity), HIPAA (PHI handling, minimum necessary access, audit requirements), and ISO 27001 (information security management controls). Compliance gaps are surfaced at design time, not after production deployment.

Data Privacy

Enterprise data processed by agents is never used for model training. MCP Gateway enforces data boundaries at the tool level — each integration is scoped to the minimum data access required. Session management isolates tenant data in multi-tenant deployments, and all tool calls are logged for audit and incident response purposes.

Governance Documentation

Every agent deployment package includes auto-generated governance documentation covering ownership, data classification, access control policies, audit logging configuration, incident response procedures, cost governance, model risk assessment, and change management records — aligned to the eight governance domains required by enterprise security teams.
