SECURITY & COMPLIANCE ARCHITECTURE

Institutional Grade Trust.

AIPrunr is designed for environments where security is a mandate, not an option. Our "Zero Egress" model ensures that your infrastructure truth remains your own.

Data Sovereignty: Zero Egress

Unlike traditional SaaS governance tools that require you to ship your VPC Flow Logs and billing metadata to an external cloud, **AIPrunr runs entirely within your perimeter.** No sensitive traffic data, no credentials, and no PII ever leave your network.

Read-Only IAM Model

AIPrunr strictly operates on a principle of Least Privilege. We never ask for, and cannot accept, write or delete permissions. Our integration requires only `DescribeInstances`, `GetFlowLogs`, and `GetCostAndUsage` (or equivalent).

Encryption at Rest

All configuration data, including local cloud identifiers, are stored in a local PostgreSQL instance using **AES-256-GCM** encryption. Credentials are never stored in plaintext and reside only on the local disk of your secure appliance.

Compliance Frameworks

PCI DSS 4.0

SAQ A Compliant

Identifies abandoned payment-layer instances.

SOC 2 Type II

In Prep

Full audit logs of all governance activities.

ISO 27001

Ready

Operational security aligned with international standards.

GDPR / CCPA

Compliant

No PII egress; local data sovereignty guaranteed.