Security & compliance

Built for regulated environments from the first commit.

Renovix migrates code that runs the financial, healthcare, and government systems of record. Security is not a tier — it is the architecture.

Certifications

Current posture.

SOC 2 Type II

Audited annually by a Big-4 firm. Report available under NDA.

ISO 27001

Certified. Includes ISO 27017 (cloud) and 27018 (PII) annexes.

HIPAA

BAA available. PHI handled only in HIPAA-eligible deployments.

FedRAMP Moderate

In process. SSP and POA&M available to authorized agencies.

ISO 42001

AI management system certification — first AI startup to pursue it.

PCI DSS

Compliant when cardholder data is in scope. RoC available.

GDPR & UK DPA

EU SCCs, UK IDTA, and EU AI Act conformity documentation.

CCPA / CPRA

Full data subject rights and California privacy compliance.

Architecture

Tenant isolation at every layer.

Compute

Isolated workers

Per-tenant compute pools with no shared model state between customers.

Data

Schema-per-tenant

Top-tier customers run on schema-isolated Postgres with per-tenant KMS keys.

Model

No cross-tenant training

Customer data never enters another customer's model. BYOM also supported.

Network

VPC peering

Enterprise customers can run Renovix in their own AWS, Azure, or GCP account.

Keys

BYOK encryption

Bring your own KMS-managed keys; rotate without involving Renovix.

Air-gap

On-prem appliance

For classified workloads, a hardened single-tenant appliance is available.

Identity & access

Enterprise auth, default-on.

SSO

SAML 2.0 and OIDC. Tested with Okta, Entra ID, Ping, Auth0.

SCIM

Automated provisioning and deprovisioning via SCIM 2.0.

RBAC

Per-action role-based access with custom roles per organization.

MFA

TOTP, WebAuthn, hardware key (FIDO2) enforced per role.

Session controls

IP allow-listing, session lifetime, idle-timeout, device binding.

Audit log

Immutable log of all user and agent actions; SIEM export included.

Data handling

Your code never trains the world's model.

Customer code is processed only for the purpose of the migration. It is never used to train models for other customers. It is never used to train models without contractual permission. Period.

Inputs are encrypted in transit (TLS 1.3) and at rest (AES-256). PII is redacted at ingest using a layered detector. Inference runs in tenant-isolated compute pools.

// Data flow guarantees
{
  "in_transit":    "TLS_1.3 + mTLS",
  "at_rest":       "AES-256 (BYOK)",
  "cross_tenant":  "prohibited",
  "model_training": "contractual opt-in only",
  "retention":     "customer-defined",
  "deletion":      "30-day verified purge"
}
AI safety

Defenses specific to agentic systems.

Prompt injection defense

Input sanitization, tool allow-lists, and output validators on every agent run.

Tool-use sandboxing

Every tool runs in a sandboxed execution environment with per-tool authz.

Verifier independence

The verifier model is architecturally and statistically independent of the executor.

Confidence scoring

Every output ships with a calibrated confidence score and abstains when unsure.

Hallucination tests

Golden datasets and adversarial probes run on every model release.

Red team

Continuous red-team exercises against the agent system; quarterly external pen-test.

Audit & evidence

Auditor-ready by default.

Every agent action — every tool call, every code change, every approval — is captured in an immutable append-only log. Logs can be exported to your SIEM (Splunk, Sumo, Datadog) in real time, or pulled into Snowflake or BigQuery for long-term retention.

  • Evidence packsPre-built export bundles for SOC 2, HIPAA, NYDFS 500, OCC, FFIEC.
  • Change traceabilityEvery line in the new code links back to its source line.
  • Tamper-evident logsHash-chained logs with optional notarization for high-stakes workflows.
// Audit event
{
  "ts": "2026-05-18T14:08:21Z",
  "actor": "agent.translator.cobol",
  "action": "translate.module",
  "input_hash": "sha256:91a4...",
  "output_hash": "sha256:c3d8...",
  "confidence": 0.984,
  "reviewer": "sme.aroy@northwind",
  "verdict": "APPROVED"
}
Deployment

Four deployment shapes.

Multi-tenant SaaS

Default. Logical isolation, US or EU region.

Single-tenant SaaS

Dedicated infrastructure for compliance-sensitive workloads.

VPC / BYOC

Runs in your AWS, Azure, or GCP account. Control plane managed by Renovix.

On-prem / air-gapped

Hardened appliance for classified or fully isolated environments.

Disclosure

Responsible disclosure.

HackerOne bug bounty

Public bug bounty program with payouts up to $25,000 for critical findings. Safe harbor for good-faith researchers.

Vulnerability reports

Email security@renovix.com with PGP. Median response time: under 24 hours. Coordinated disclosure encouraged.

Reach our security team.

Procurement-ready security pack available under NDA in two business days.

Request security pack