ProductEvidenceDevelopersTrustCompany
Trust

Security and trust for enterprise pilots.

Kernel is designed for environments where data flow, auditability, and deployment boundaries matter.

Data Flow

Kernel evaluates agent behavior without accessing the execution context. The flow is intentionally narrow:

Agent ──POST /evaluate──> Kernel API
  { agent_id, action_type, amount, metadata }

  Kernel evaluates against behavioral history —
  never reads PII, secrets, conversation content,
  or raw output.


Kernel API ──{ decision, risk, signals, version }──> Agent

What Kernel never needs: customer names, email addresses, API keys, free-text conversation content, function arguments beyond the action type and amount. The payload is structurally minimal by design.

Encryption & Isolation

In Transit

TLS 1.3 required for all API connections. Certificate pinning available for self-hosted deployments.

At Rest

AES-256 encryption for all stored evaluation data. Keys are tenant-isolated and rotated every 90 days.

Tenant Isolation

Each tenant operates in a separate database schema with row-level security. No cross-tenant access is possible.

Network Isolation

Self-hosted deployments run in your VPC with no outbound internet requirement. Hosted tenancy uses dedicated private networking.

Deployment Modes

Hosted

Managed Kernel API with automatic upgrades, 99.95% uptime SLA, SOC 2 audit in progress. No infrastructure management.

Self-hosted

Single Docker container with PostgreSQL. Data never leaves your network. Full control over upgrades and retention. Same API, same signal logic.

Retention & Deletion

Default retention: 90 days for evaluation history and signal scores.

Extended retention: Configurable up to 7 years for regulatory compliance (FINRA, SOX, etc.).

Deletion: Tenant-initiated deletion processed within 48 hours. Full purge includes all evaluation records, signal scores, and agent state. Partial deletion available by session or agent ID.

Data portability: Full export available in JSONL format via API. Every evaluation includes a unique evaluation_id for cross-referencing with your own audit logs.

Compliance Roadmap

SOC 2 Type II

Audit in progress. Covers security, availability, and confidentiality trust principles.

Data Processing Agreement

Available on request. Covers GDPR and CCPA data processing requirements. Standard DPA with no unusual exclusions.

FAQ

Does Kernel have access to my agent's conversations or outputs?
No. The evaluate payload only contains agent_id, action_type, amount, and optional metadata. Kernel never receives conversation content, raw model outputs, or function arguments beyond what you explicitly send.
Can Kernel block transactions that my policy rules would allow?
No — Kernel produces recommendations (ALLOW / REVIEW / BLOCK). In observation mode, it never blocks. In intervention mode, the decorator raises RuntimeTrustBlock only when configured to do so. You control enforcement.
What happens if Kernel's API is unreachable?
The SDK supports a configurable timeout and fallback mode. By default, if the API is unreachable, the function executes without evaluation (fail-open). An optional fail-closed mode blocks execution if Kernel cannot be reached. The behavior is your choice.
Is Kernel SOC 2 compliant?
SOC 2 Type II audit is in progress. In the meantime, we provide a detailed security questionnaire and DPA on request. Contact us at [email protected].
Can I run Kernel entirely offline?
Yes. Self-hosted mode requires zero internet connectivity. The Docker container has no outbound network requirements. Optional telemetry can be disabled.
K

Detect behavior change before
money moves.