Security Overview

Security Overview

Last updated: November 27, 2025

Attababy is designed from first principles for regulated, high-stakes AI workloads. Our architecture places sovereignty and control at the core of how models, data, and agents execute.

Below is a high-level overview of our security posture.

1. Zero-Persistence by Design

• No prompts, embeddings, logs, or weights persist unless explicitly configured.
• Enclave memory is ephemeral.
• Transient buffers are destroyed automatically after workload completion.

2. Enclave-Based Execution

Private workloads run in isolated environments featuring:

• encrypted memory
• hardware attestation (Intel SGX / AMD SEV where available)
• GPU segmentation boundaries
• no co-tenancy unless explicitly allowed

3. Sovereign Routing Controls

• Region locks enforced per workload.
• No cross-region movement without express policy.
• Residency compliance with GDPR, HIPAA, FINRA, and industry-specific rules.

4. Encryption

All data is encrypted:

• In transit: TLS 1.3+
• At rest: AES-256
• In memory: enclave-based isolation

5. Identity & Access Management (IAM)

• Role-based access control (RBAC)
• Multi-tenant isolation
• API key + service token policies
• Optional single sign-on (OIDC/SAML)

6. Monitoring & Audit Trails

• Non-content audit logs (no training or inference data ever logged)
• Enclave IDs, region codes, and destruction confirmations stored securely
• Configurable retention windows

7. Infrastructure Security

• Redundant power + cooling
• 24/7 monitored colocation facilities
• Multi-layer physical access controls
• Camera + biometric access systems

8. Compliance Program (In Progress)

Attababy is actively preparing compliance baselines for:

• SOC 2 Type I → Type II
• HIPAA attestation
• GDPR readiness
• EU AI Act alignment

A full SOC 2 report will be published once the audit cycle is complete.