Security
Infrand is built for teams that treat AI as a production system—with clear controls, auditability, and defensible defaults.
Control what is captured
Configure capture, redaction, and retention policies to match your data handling requirements.
Auditability by default
Critical actions and policy changes are designed to be reviewable and attributable.
Designed for enterprise reviews
We support vendor security reviews and can align on documentation and controls for Enterprise customers.
Data handling
- • Configurable retention and deletion
- • Field-level redaction for sensitive values
- • Environment separation (dev/stage/prod)
Access control
- • Role-based access control (RBAC)
- • SSO integration options (SAML/OIDC)
- • Audit logs for critical actions
Encryption
- • TLS in transit
- • Encryption at rest
- • Secure secret handling patterns
Compliance roadmap
- • SOC 2 Type II (in progress)
- • Vendor security reviews supported
- • Custom DPAs for Enterprise
If you need a specific control or documentation set, request a security review and we’ll share the latest materials.
Security reviews
We support vendor security processes.
If you have specific requirements (retention, redaction, isolation, audit evidence), request a security review. We’ll share the latest documentation and discuss fit.
What we’ll cover
- •Data captured and where it flows
- •Retention and redaction controls
- •Access control and audit logging
- •Deployment isolation options