Trust / Security
Security controls security teams can review.
Identity-bound actions, tenant isolation, encryption, secrets management, and incident response — with certification status stated plainly.
Controls, not claims
Security reviewers should see what NeuroCluster controls, what the customer controls, and what evidence is available — achieved certifications, in-progress audits, and planned assurance work stated without shortcuts.
Platform controls include OIDC/SSO, RBAC, tenant-scoped data access, Vault-backed secrets, audit logging, and network isolation for agent sandboxes.
Certifications & assurance
Certification status is shared during procurement review: achieved, in progress, planned, and available-on-request evidence. We do not imply completion before evidence exists.
Shipped capabilities
- OIDC / SSO and SCIM provisioning (enterprise profile)
- RBAC and tenant-scoped resource access
- HashiCorp Vault for secrets management
- Platform audit log with configurable retention
- Firecracker microVM isolation for agent code
- Encryption in transit and at rest (deployment-specific)
- Incident response overview (procurement pack)
- Certification and pen-test status on request