Security Principles
Defense in Depth
Multiple layers of security controls protect your data at every level
Least Privilege
Access is limited to only what’s necessary for each function
Zero Trust
Every request is authenticated and authorized, regardless of source
Transparency
Clear documentation of our security practices and audit trails
Security Architecture
Infrastructure
| Layer | Protection |
|---|---|
| Network | VPC isolation, firewall rules, DDoS protection |
| Compute | Containerized workloads, isolated execution |
| Data | Encryption at rest and in transit |
| Application | Authentication, authorization, input validation |
Data Flow
Compliance
SOC 2 Type II
In progress, expected early 2026
Data Encryption
Data is encrypted in transit and at rest
Monitoring & Audit
- Comprehensive logging: All access and actions logged
- Audit trails: Immutable records for review
- Anomaly detection: Automated security monitoring
- Incident response: Defined procedures for security events
Secure Execution
When Adapt runs code on your behalf:- Isolated containers: Each execution in its own sandbox
- Network controls: Restricted outbound access
- Resource limits: Bounded CPU, memory, and time
Responsible AI
Data Usage
- Your data is never used to train AI models
- Queries are processed in isolated sessions
- No data sharing between organizations
AI Transparency
- You can see what tools Adapt used
- Query history is available for review
- Actions require explicit approval
Reporting Security Issues
If you discover a security vulnerability:- Email: hello@adapt.com
- Include: Description, steps to reproduce, potential impact
- Response: We’ll acknowledge within 24 hours