Security & Trust
As a security product, the integrity of ABS Core is our highest priority. We employ a multi-layered defense strategy to ensure your agents are governed by an untamperable authority.1. Trusted Execution Environments (TEE)
ABS Core is designed to run in hardware-enforced TEEs (such as AWS Nitro Enclaves or Cloudflare’s Trusted Compute). This ensures:- Runtime Isolation: Neither the provider nor any other process can inspect the memory of the ABS Engine.
- Attestation: Cryptographic proof that the exact code you expect is the one executing.
2. Immutable Audit Ledger
Every decision made by the ABS Engine is recorded in a Merkle Tree-based Ledger.- Hash Chaining: Each entry contains the cryptographic hash of the previous one.
- Tamper Detection: Any modification to historical logs immediately breaks the chain integrity, triggering alerts.
3. Secret Vault & Key Management
- JIT Injection: API keys for downstream LLMs (OpenAI, Gemini) are injected Just-In-Time and never persisted in logs or shell environments.
- Hardware Security Modules (HSM): Master keys are stored in FIPS 140-2 Level 3 HSMs.
4. Zero-Trust Architecture
- Fail-Close by Design: If a policy engine fails to reach a verdict, the default action is
DENY. - RBAC: Strict role-based access control for all internal APIs and dashboards.
5. Compliance
ABS Core is built to meet the requirements of ISO 27001, SOC2 Type II, and the HIPAA Security Rule for AI workloads.[!NOTE] For detailed reports on our 2026 security audit, please contact security@abscore.app.