Security Architecture
A deep dive into how we protect your AI agent. For a quick overview, see our Security page.
Infrastructure isolation
Five layers of network and hardware isolation that make your agent invisible and inaccessible.
Outbound-Only Encrypted Tunnels
Every agent connects to the outside world exclusively through outbound-only encrypted tunnels with TLS 1.3. Zero listening ports on your server. Invisible to port scanners. No one on the internet can initiate a connection to your agent.
DM Pairing (Contact Verification)
Before your agent responds to a new contact on any messaging platform, it requires your explicit approval. This blocks social engineering attacks and unauthorized access.
LUKS2 Encrypted Storage
Storage volumes are encrypted at rest using LUKS2 with AES-256-XTS. Encryption keys are managed separately from the storage volumes. Physical access to hardware cannot expose your data.
No Incoming Traffic
The agent gateway binds to localhost only. All inbound connections from the public internet are blocked. Your agent can make outbound requests, but nothing external can reach it.
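The outbound-only and localhost-only claims above are the kind a practitioner verifies on the host itself. The following is an added example, not the page's or the product's own code: it parses `ss -ltn` output (iproute2 format assumed) and reports any TCP listener that is not confined to a loopback address; the sample output and the port 18789 are constructed.

```python
"""Check the localhost-only listening model by parsing `ss -ltn` output.
Added example (not the page's or product's code); assumes iproute2 `ss`."""
import subprocess
from ipaddress import ip_address

# Constructed sample in `ss -ltn` format (not captured from a real host).
SAMPLE_SS_OUTPUT = """\
State   Recv-Q  Send-Q  Local Address:Port   Peer Address:Port  Process
LISTEN  0       128     127.0.0.1:18789      0.0.0.0:*
LISTEN  0       128     [::1]:18789          [::]:*
LISTEN  0       4096    0.0.0.0:22           0.0.0.0:*
LISTEN  0       511     *:8080               *:*
"""

def split_addr_port(field: str):
    """Split an ss local-address field into (host, port); '*' means any."""
    host, _, port = field.rpartition(":")
    return host.strip("[]"), int(port)

def is_loopback(host: str) -> bool:
    """True only for an explicit loopback bind; wildcards count as exposed."""
    try:
        return ip_address(host).is_loopback
    except ValueError:  # '*', '' or a non-IP token
        return False

def non_local_listeners(ss_output: str):
    """Return (host, port) for every LISTEN socket not confined to loopback."""
    exposed = []
    for line in ss_output.splitlines()[1:]:  # first line is the header
        cols = line.split()
        if len(cols) >= 4 and cols[0] == "LISTEN":
            host, port = split_addr_port(cols[3])
            if not is_loopback(host):
                exposed.append((host, port))
    return exposed

def check_host():
    """Run `ss -ltn` on this machine and return its exposed listeners."""
    out = subprocess.run(["ss", "-ltn"], capture_output=True, text=True, check=True).stdout
    return non_local_listeners(out)

if __name__ == "__main__":
    for host, port in non_local_listeners(SAMPLE_SS_OUTPUT):
        print(f"exposed listener: {host}:{port}")
```

On a host that matches the model described here, `check_host()` returns an empty list; any entry it returns is a socket reachable from outside loopback and worth explaining.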
Isolated Virtual Private Server
Every agent runs on its own dedicated VPS. No multi-tenancy at the infrastructure level. CPU, memory, storage, and network are completely isolated from every other customer.
Agent EDR: Runtime security
Six detection layers that run outside the agent, at the kernel level and control plane. Even if your agent is compromised, these layers survive.
Tool Execution Policies
Every tool invocation is evaluated against our security policy engine before execution. Dangerous operations (reverse shells, crypto miners, credential theft, privilege escalation) are blocked or flagged in real time. Every tool call is logged.
File Integrity Monitoring
Critical system files, agent configurations, skill files, and binaries are monitored continuously on the host OS. Any unauthorized modification, creation, or deletion is detected and alerted in real time. Runs outside the agent.
eBPF Runtime Monitoring
Kernel-level eBPF probes monitor every process spawn, file access, and system call on the host. Catches crypto miners, reverse shells, unauthorized binaries, and data exfiltration attempts. Completely invisible to and unreachable by the agent. Available on Pro and Enterprise plans.
Secrets Isolation
Credentials are fetched on-demand through authenticated channels and cached in memory only. API keys are never written to disk on the agent VPS, eliminating the risk of credential theft through environment variable or filesystem access.
Network Threat Intelligence
Every outbound connection is checked against threat intelligence feeds updated daily. Known malicious IPs (botnet command-and-control, malware infrastructure) are blocked at the firewall level before the connection is established.
Behavioral Anomaly Detection
Our behavioral engine establishes a baseline of normal activity for each agent: tool usage patterns, network destinations, resource consumption. Sudden deviations trigger investigation. Coming soon.
Detection architecture
Security layers run at three levels. Only the tool policy engine runs inside the agent. Everything else runs on the host or control plane, outside the agent's reach.
Diagram of the three levels: Control Plane, Host Operating System, Agent Container.
Network isolation model
Your agent's network architecture eliminates entire classes of attacks.
Diagram: Public Internet (blocked) -> Edge Network (TLS termination) -> Encrypted Tunnel (outbound-only) -> Agent VPS (localhost-only).
Encryption
Three layers of encryption protect your data at every stage.
At rest: AES-256-XTS encrypted storage volumes (LUKS2)
In transit: TLS 1.3 encrypted tunnels for all communication
Field-level: AES-256-GCM for sensitive database fields (tokens, secrets)
Token security
Credentials are handled with defense-in-depth at every step.
Audit logging
Every action is recorded with full context for traceability.
Ready to hire your first AI employee?
Production-ready in 5 minutes. All 7 security layers included on every plan.