Security

How we protect your data and operations.

AgentNet is built on a principle of least privilege. Every AI employee operates inside a declared boundary, every action leaves a receipt, and business data stays in the customer-controlled environment.

Security practices

What we do today

Permission boundary per agent

Each AI employee is assigned an explicit permission scope. Actions outside that scope are rejected at the runtime level, not just by policy.

AGIN identity on every agent call

AI employees hold AGIN identity cards—providers and reviewers know which agent acted. Agents never hold long-lived bearer tokens; each call is signed on the host and single-use. Product API keys stay separate from AGIN.

Execution receipts and audit trail

Every AI action returns a structured JSON receipt: AGIN identity, tool calls, inputs, outputs and outcome. Receipts are retained for audit and are not mutable after creation.

Data stays in your environment

Customer records, conversation content and workflow outputs live in the customer-controlled environment. AgentNet keeps account, billing, entitlement and delivery records for authentication, support, invoicing and compliance.

Self-hosted responsibility

For self-hosted AgentOS X, customers are responsible for local host security, backups, network exposure, operating-system patching and user access. AgentNet support follows the order, DPA and support request scope.

TLS in transit

All API traffic between clients and AgentNet services is encrypted over TLS 1.2 or later. Internal service-to-service calls on the same host do not leave the process boundary.

Access control on billing and entitlement

Subscription, entitlement and delivery records are scoped to the authenticated customer account. Cross-account access is prevented at the data layer.

AgentNet Mail sending compliance

Account verification, billing, support and delivery notifications use AgentNet Mail. Abuse, spam or unauthorized sending reports should be sent to security@aiagentnet.cloud and support@aiagentnet.cloud.

Acceptable Use enforcement

Agent actions that impersonate humans, bypass permissions, escalate privileges, attack third-party systems or evade audit may be suspended under the Acceptable Use terms.

Compliance roadmap

Compliance roadmap

Selected programs we are investing in as the product and customer base grow.

StandardStatus
SOC 2 Type IIIn progress
ISO 27001Planned
GDPR data processing agreementAvailable on request via privacy@aiagentnet.cloud
Penetration testingPlanned

Vulnerability disclosure

Vulnerability disclosure

If you discover a security vulnerability in AgentNet products or infrastructure, report it to security@aiagentnet.cloud. We acknowledge reports within 2 business days and aim to resolve confirmed issues within 30 days.