Customers run Avowex so their agents can't go rogue, their rules can't be silently changed, and every action is provable. We operate our own platform to that same standard — and we're on a clear path to prove it with independent audits.
Audit underway. Report available under NDA on completion.
International information-security management certification.
The first AI-management standard — fitting for a trust layer.
Every decision hash-chained and independently verifiable.
A clear path for researchers to report security issues.
Independent penetration testing on a recurring cadence.
We state status honestly: live means in production today, in progress / scheduled means actively underway, on roadmap means planned and dated internally. We don't claim certifications we don't hold.
Autonomous agents introduce a new attack surface. Security researchers have named it — and every risk below is an action problem, which is exactly the layer Avowex controls.
Attackers corrupt an agent's context to change its behavior. Avowex enforces policy on the resulting action, regardless of how the agent was nudged. Control → policy-gated actions
An agent is tricked into abusing the access it's been granted. Avowex pauses risky tool calls for approval before anything happens. Control → human-in-the-loop gate
An agent reaches beyond its intended scope. Avowex bounds what each agent may do and records every attempt. Control → least-privilege + audit
Mapped to the OWASP Agentic AI threat taxonomy and the NIST AI Risk Management Framework — so our protections line up with a recognized industry model, not marketing language.
Defense in depth — from the edge to the audit trail — with special attention to the one thing that matters most for a trust layer: your rules can't be changed without a trace.
Every request is scoped to one organization. One customer can never read or change another customer's data or rules.
Each decision is cryptographically chained to the last, so the action history is append-only and any tampering is detectable.
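What "cryptographically chained" buys you, as an added illustration rather than Avowex's own code: each entry's hash covers its sequence number, the previous entry's hash and the decision payload, so editing, deleting or reordering any past decision breaks every link after it. The decision records and rule ids below are constructed sample data.

```python
import copy
import hashlib
import json

# Constructed sample decisions standing in for real policy decisions.
SAMPLE_DECISIONS = [
    {"agent": "billing-bot", "tool": "refund", "verdict": "deny", "rule": "r-17"},
    {"agent": "billing-bot", "tool": "lookup_invoice", "verdict": "allow", "rule": "r-02"},
    {"agent": "ops-bot", "tool": "restart_service", "verdict": "pause_for_approval", "rule": "r-40"},
]

GENESIS = "0" * 64  # the first entry chains to this fixed value


def canonical(record: dict) -> bytes:
    """Deterministic encoding so the same record always hashes the same."""
    return json.dumps(record, sort_keys=True, separators=(",", ":")).encode()


def append_decision(chain: list, decision: dict) -> dict:
    """Append a decision whose hash covers its position, the previous hash and the payload."""
    body = {
        "seq": len(chain),
        "prev_hash": chain[-1]["hash"] if chain else GENESIS,
        "decision": copy.deepcopy(decision),
    }
    entry = dict(body, hash=hashlib.sha256(canonical(body)).hexdigest())
    chain.append(entry)
    return entry


def verify_chain(chain: list) -> tuple:
    """Return (True, length) if every link holds, else (False, index of the first bad entry)."""
    prev_hash = GENESIS
    for i, entry in enumerate(chain):
        body = {k: v for k, v in entry.items() if k != "hash"}
        if entry.get("seq") != i or entry.get("prev_hash") != prev_hash:
            return (False, i)  # reordering, deletion or insertion
        if hashlib.sha256(canonical(body)).hexdigest() != entry["hash"]:
            return (False, i)  # in-place edit of a past decision
        prev_hash = entry["hash"]
    return (True, len(chain))


def build_sample_chain() -> list:
    chain = []
    for decision in SAMPLE_DECISIONS:
        append_decision(chain, decision)
    return chain


def edited_chain() -> list:
    """A copy in which a past deny has been flipped to allow without re-chaining."""
    chain = build_sample_chain()
    chain[0]["decision"]["verdict"] = "allow"
    return chain


def deleted_chain() -> list:
    """A copy in which the middle decision has been removed."""
    chain = build_sample_chain()
    del chain[1]
    return chain


if __name__ == "__main__":
    print(verify_chain(build_sample_chain()))  # (True, 3)
    print(verify_chain(edited_chain()))        # (False, 0)
    print(verify_chain(deleted_chain()))       # (False, 1)
```

A chain like this detects edits, deletions and reordering inside the log, but not truncation of the tail or wholesale replacement by whoever holds the whole chain. Independent verification therefore also needs the latest hash anchored outside the system, for example handed to the customer or published on a schedule, so a verifier can check the head they were given against the chain they are shown.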
A customer's rules can't be changed without authentication, authorization, and a tamper-evident record of every change.
API keys stored hashed — never in plaintext — plus enterprise SSO and separation of privileged access.
Encryption in transit and at rest, verified webhooks, and secrets kept out of source code.
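Two of the practices in the previous cards, hashed API keys and verified webhooks, shown as an added example that is not Avowex's code. The `avx_` key prefix, the header names and the shared secret are assumptions made for the example; the point is that the plaintext key is never stored, and that a webhook is accepted only when its timestamp is fresh and its HMAC matches in constant time.

```python
import hashlib
import hmac
import secrets

# ---- Hashed API keys ----------------------------------------------------------
# The key store maps sha256(key) -> metadata; the plaintext key is never persisted.
# The "avx_" prefix is an assumption for this example, not Avowex's actual key format.


def issue_api_key(store: dict, org_id: str) -> str:
    """Mint a random key, persist only its digest and hand the plaintext back exactly once."""
    key = "avx_" + secrets.token_urlsafe(32)
    store[hashlib.sha256(key.encode()).hexdigest()] = {"org_id": org_id, "active": True}
    return key


def authenticate_api_key(store: dict, presented: str):
    """Return the owning org_id for a valid active key, else None.

    A 256-bit random key does not need a salt or a slow password hash: it cannot be
    guessed, so a single SHA-256 is enough to make a leaked store useless.
    """
    record = store.get(hashlib.sha256(presented.encode()).hexdigest())
    if record is None or not record["active"]:
        return None
    return record["org_id"]


# ---- Verified webhooks --------------------------------------------------------
# Header names are assumptions for this example, not a documented webhook protocol.


def sign_webhook(secret: bytes, timestamp: int, body: bytes) -> str:
    """Sender side: HMAC-SHA256 over "<timestamp>.<raw body>" so the time is covered too."""
    return hmac.new(secret, f"{timestamp}.".encode() + body, hashlib.sha256).hexdigest()


def verify_webhook(secret: bytes, headers: dict, body: bytes, now: int, tolerance: int = 300) -> bool:
    """Receiver side: reject missing or unparseable headers, stale timestamps and bad signatures."""
    ts_raw = headers.get("X-Webhook-Timestamp")
    sig = headers.get("X-Webhook-Signature")
    if ts_raw is None or sig is None:
        return False
    try:
        ts = int(ts_raw)
    except ValueError:
        return False
    if abs(now - ts) > tolerance:
        return False  # outside the replay window
    # Constant-time comparison so a timing leak cannot help forge a signature byte by byte.
    return hmac.compare_digest(sign_webhook(secret, ts, body), sig)


if __name__ == "__main__":
    store = {}
    key = issue_api_key(store, "org_demo")
    print(authenticate_api_key(store, key), authenticate_api_key(store, "avx_not-issued"))

    secret = b"constructed-shared-secret"
    body = b'{"event":"decision.recorded","seq":2}'
    ts = 1700000000
    headers = {"X-Webhook-Timestamp": str(ts), "X-Webhook-Signature": sign_webhook(secret, ts, body)}
    print(verify_webhook(secret, headers, body, now=ts + 30))        # True
    print(verify_webhook(secret, headers, body + b" ", now=ts + 30))  # False: body altered
```

The verifier must run over the raw request bytes, not a re-serialized JSON object, and the signed message includes the timestamp so an attacker who captures one delivery cannot replay it later with a fresh header.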
Every unhandled error is captured for fast response, backed by a documented incident-response runbook.
Strengthening continuously: policy versioning & rollback, dual-control approval, MFA on privileged access, and live integrity/anomaly alerting are on our active hardening roadmap.
Buyers shouldn't take our word for it — that's the point of third-party attestation. Here's where we are and where we're headed.
The attestation US enterprise security reviews ask for by name.
The international gold standard for an information-security management system.
Certified AI management — a differentiator for an AI-governance platform.
Responsible disclosure is live; recurring independent pen tests are scheduled.
Customers and prospects can request our current evidence pack — security overview, sub-processor list, DPA, and our SOC 2 report (under NDA when available) — to support your own SOC 2, ISO, or vendor-risk review.
Existing customers can also pull compliance evidence directly from the Compliance page in your console.
The third parties we rely on to deliver the service. We keep this list current and notify customers of material changes.
| Provider | Purpose | Region |
|---|---|---|
| Render | Application & database hosting | US |
| Stripe | Billing & payment processing | US |
| Anthropic | LLM for the website assistant | US |
| WorkOS | Enterprise SSO & identity | US |
| HubSpot | CRM (sales & ambassador contacts) | US |
This is a representative list maintained for transparency; the authoritative, dated sub-processor list is included in the evidence pack.
Found a security issue? We want to hear from you. Email security@avowex.com — we'll acknowledge, investigate, and keep you updated. Please give us reasonable time to remediate before public disclosure.
View security.txt