Obiguard is built to the same standard we hold our customers' AI to. Our security posture is externally audited, continuously monitored, and reported here.
Annual audit by an independent AICPA-registered firm covering Security, Availability, and Confidentiality trust service criteria. Current report covers the period ending December 2025.
AI Management System certification covering our governance platform itself — the controls, processes, and risk management practices we apply to Obiguard as an AI system.
Our internal risk management process is aligned to the NIST AI Risk Management Framework — Govern, Map, Measure, Manage — and we publish our alignment documentation on request.
In SaaS mode, content is inspected in-memory and not written to disk. We can attest to this with a deployment-time enclave proof on request.
Deploy Obiguard entirely inside your own VPC or on-premises. No content ever leaves your network boundary. Full enclave attestation available.
We operate a responsible disclosure programme. To report a vulnerability, email [email protected] with a description and reproduction steps. We target a 72-hour initial response.
For vulnerability reports, audit report requests, penetration test facilitation, or general security questions, contact us at [email protected]. PGP key available on request.