Tenant isolation, customer-managed encryption, immutable audit trail, no training on your data. Built to pass procurement, designed to pass an audit.
Type II in progress · Type I complete · report on request.
AI management system, mapped and audited.
BAA available at Enterprise.
Conformity assessment ready for high-risk classification.
Your matter content is never used to train base or specialist models. Opt-in fine-tuning is strictly contractual and isolated.
Per-tenant KMS keys. Schema-per-tenant on Enterprise. Network-level segregation. BYOK on request.
TLS 1.3 in transit. AES-256 at rest. Field-level encryption for PII.
SSO/SAML/SCIM via Okta, Microsoft Entra, Google Workspace. RBAC with per-action permissions.
Every agent action, tool call, document touched, model invoked. Append-only. Exportable to SIEM.
Annual third-party penetration test. Continuous bounty via HackerOne.
| Vendor | Purpose | Region |
|---|---|---|
| Amazon Web Services | Primary infrastructure | us-east-1 · eu-west-1 |
| Anthropic | Foundation model inference (no-train) | US |
| OpenAI Enterprise | Foundation model inference (no-train) | US |
| WorkOS | SSO / SCIM | US |
| Stripe | Billing | US |
Full DPA, SCCs, and the complete sub-processor list available at security@litigo.app.