AWS Marketplace·Enterprise deployment — listing in progress.Contact sales·View pricing

INTERTRACE — RUNTIME AI SECURITY • GATEWAY PROTECTION • RUNTIME VERIFICATION • BEHAVIORAL INTELLIGENCE • PROMPT INJECTION DEFENSE • PII REDACTION • SUB-50MS CLASSIFICATION • COMPLIANCE REPORTING • MANAGED AGENTS • OWASP LLM TOP 10 • INTERTRACE — RUNTIME AI SECURITY • GATEWAY PROTECTION • RUNTIME VERIFICATION • BEHAVIORAL INTELLIGENCE • PROMPT INJECTION DEFENSE • PII REDACTION • SUB-50MS CLASSIFICATION • COMPLIANCE REPORTING • MANAGED AGENTS • OWASP LLM TOP 10 • INTERTRACE — RUNTIME AI SECURITY • GATEWAY PROTECTION • RUNTIME VERIFICATION • BEHAVIORAL INTELLIGENCE • PROMPT INJECTION DEFENSE • PII REDACTION • SUB-50MS CLASSIFICATION • COMPLIANCE REPORTING • MANAGED AGENTS • OWASP LLM TOP 10 •
← Back

Security

Trust, transparency, and responsible disclosure for teams running AI in production.

Product security

Intertrace is designed as a security control plane: least-privilege access to customer organizations, audited admin actions, encrypted secrets, and separation between tenant data. Gateway and runtime pipelines apply deterministic and model-assisted checks with logging suitable for incident review—including structured findings, optional tooling detail (when your org enables it), tool-call policy enforcement, and assessment workers that use privileged keys only inside your deployment boundary.

Infrastructure

  • Encryption — TLS for data in transit; encrypted storage for sensitive configuration at rest.
  • Hosting — Deployed on managed cloud infrastructure with hardened baselines and network isolation between environments.
  • Access — Role-based access for employees; production access requires MFA and is logged.

Data handling

Customer traffic is processed to deliver detection, verification, and reporting. Retention and export are configurable by plan. We do not use your production prompts to train public foundation models; see the Privacy Policy for detail.

Compliance posture

Our controls are aligned with common enterprise expectations (SOC 2-style practices, GDPR-oriented processing agreements where applicable). Formal certifications and customer-specific questionnaires are available under NDA for qualified deployments.

Your responsibilities

  • Rotate API keys and gateway secrets; scope keys to least privilege.
  • Keep identity provider and SSO settings up to date.
  • Review findings and incidents and tune rules for your risk tolerance.
  • Use Simulation Lab and staging environments before enforcing blocking policies broadly.

Report a vulnerability

We welcome coordinated disclosure. Please email security@intertrace.ai with reproduction steps, impact, and your preferred timeline. Do not access data that isn't yours. We aim to acknowledge reports within two business days.

General security questions: Contact