autrace
Security

Honest security posture. No marketing fluff.

We cover 5 of 10 OWASP LLM Top 10 risks at the gateway layer. We tell you exactly which ones - and why the others are out of scope.

5/10 OWASP LLM covered
TLS 1.2+ for all transport
bcrypt(12) password hashing
SOC 2 in progress (Vanta)
OWASP LLM Top 10

5/10 covered at the gateway layer.

Some OWASP LLM risks are training-time or agent-design concerns - a request proxy cannot address them. We cover what a gateway can cover, and say so plainly for the rest.

LLM01
Prompt Injection

Pattern-based and heuristic detection; blocked in-path before the model sees the prompt.

LLM02
Insecure Output Handling

Response filter strips dangerous patterns before returning to caller.

LLM03
Training Data Poisoning

Out of scope - training-time concern, not addressable by inference proxy.

LLM04
Model Denial of Service

Per-key token + request rate limiting enforced in-path.

LLM05
Supply Chain Vulnerabilities

Out of scope - model supply chain, not request routing.

LLM06
Sensitive Info Disclosure

PII filter redacts sensitive data before it reaches the model.

LLM07
Insecure Plugin Design

Application-architecture concern; not addressable at gateway layer.

LLM08
Excessive Agency

Agent-design concern; partially addressable with custom policy rules.

LLM09
Overreliance

UX/process concern; outside scope of a request gateway.

LLM10
Model Theft

API key isolation and rate limiting reduce bulk extraction risk.

Zero-Trust Architecture

Never trust. Always verify.

Every request - regardless of origin or prior history - is authenticated and evaluated against the full policy stack before forwarding. No IP allowlisting, no session-level trust.

Per-request authentication
API key validated on every call. No session tokens.
Policy evaluation in-path
Rules run before the model receives the prompt.
Rate limiting per key
Burst + sustained limits enforced per API key.
Org isolation
Multi-tenant - no cross-org data leakage by design.
4-role RBAC
owner / admin / developer / viewer on all API routes.
Receive request: API key present? Key not revoked? Org active?
Policy evaluation: PII scan, injection detection, rate limit, content rules
Forward to model: strip internal headers, provider auth, timeout 120s
Log response: response filter, hash-chain append, cost estimate
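As an added illustration of the "Log response" step (example code written for this page, not autrace's own implementation): a minimal hash-chained audit log that keeps only metadata fields, links each record to the previous record's SHA-256 hash, and verifies the chain so that an altered policy decision is detected. The field names, the sample events and the choice of SHA-256 are assumptions for this example.

```python
import hashlib
import json

# Allowlist mirroring the "We store" list (metadata only; names are assumptions).
STORED_FIELDS = ("ts", "model", "latency_ms", "tokens", "est_cost_usd",
                 "decision", "pii_types", "org_id", "key_id")
GENESIS = "0" * 64  # previous-hash value for the first record

def link_hash(prev_hash: str, record: dict) -> str:
    """SHA-256 over the previous hash plus a canonical JSON form of the record."""
    body = json.dumps(record, sort_keys=True, separators=(",", ":")).encode()
    return hashlib.sha256(prev_hash.encode() + body).hexdigest()

def append_record(chain: list, event: dict) -> dict:
    """Drop non-allowlisted fields, then append a record chained to the last hash."""
    record = {k: event[k] for k in STORED_FIELDS if k in event}
    prev_hash = chain[-1]["hash"] if chain else GENESIS
    entry = {"prev_hash": prev_hash, "record": record, "hash": link_hash(prev_hash, record)}
    chain.append(entry)
    return entry

def verify_chain(chain: list) -> int:
    """Return -1 if every link recomputes, else the index of the first bad entry."""
    prev_hash = GENESIS
    for i, entry in enumerate(chain):
        if entry["prev_hash"] != prev_hash or entry["hash"] != link_hash(prev_hash, entry["record"]):
            return i
        prev_hash = entry["hash"]
    return -1

# Constructed sample events; "prompt" is present only to show that it is dropped.
SAMPLE_EVENTS = [
    {"ts": "2026-01-10T12:00:00Z", "model": "example-model", "tokens": 412,
     "decision": "ALLOW", "pii_types": [], "org_id": "org_demo", "prompt": "<not stored>"},
    {"ts": "2026-01-10T12:00:03Z", "model": "example-model", "tokens": 0,
     "decision": "BLOCK", "pii_types": ["email"], "org_id": "org_demo", "prompt": "<not stored>"},
]

def build_chain(events=SAMPLE_EVENTS) -> list:
    chain = []
    for ev in events:
        append_record(chain, ev)
    return chain

def tamper_demo() -> int:
    """Flip a stored BLOCK to ALLOW in place; verification must flag that entry."""
    chain = build_chain()
    chain[1]["record"]["decision"] = "ALLOW"
    return verify_chain(chain)
```

The tail of the chain is only as trustworthy as its stored head hash, so a verifier needs that head from an independent location (for example the SIEM stream) to notice a rewritten final entry.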
Data Handling

What we store. What we don't.

We store
Request metadata (timestamp, model, latency)
Token counts and estimated cost
Policy decision (ALLOW / BLOCK)
PII redaction summary (types, not values)
User/org identifiers
Hash-chained audit record
Not stored by default
Full prompt content
Full response content
Redacted PII values
Raw API keys (hashed only)
Model output verbatim
Optional (opt-in)
Full prompt/response (enterprise, off by default)
Extended retention (up to 7 years)
SIEM streaming webhook
S3 export
Compliance Roadmap

Where we stand today.

GDPR: Compliant by design (Now)
CCPA: Compliant by design (Now)
SOC 2 Type I: Scoping (Vanta) (Q2 2026)
SOC 2 Type II: In progress (Q3 2026)
HIPAA: BAA-eligible scope (Q4 2026)
ISO 27001: Under consideration (2027)
PCI DSS: Not required (Stripe handles)
Vulnerability Disclosure

Responsible disclosure. Safe harbour.

Found a security issue? Email security@autraceai.com. We acknowledge within 24 hours. Patch SLAs by CVSS severity:

Critical: 7 days to patch
High: 30 days to patch
Medium: 90 days to patch
Low: monthly digest
Safe Harbour

Good-faith security research - with no intent to disrupt service or access customer data - will not result in legal action. We will credit you in the advisory unless you prefer otherwise.
