SECURITY & COMPLIANCE

Designed for the
security review,
not around it.

SOC 2 audited. Patented orchestration. Trusted today on contracts where data exposure isn't an option.

FIRST PRINCIPLES

Three commitments. No asterisks.

PRINCIPLE · 01

Your data stays put.

Models, agents, and tooling read your data in place. We never copy it out, log it externally, or feed it into anyone else's training pipeline.

PRINCIPLE · 02

Your keys, your perimeter.

BYO KMS / HSM. Envelope encryption end-to-end. We can be deployed where Listening Post staff have zero standing access to your environment.

PRINCIPLE · 03

Audit-ready by default.

Every prompt, tool call, and agent step is logged, replayable, and exportable. Designed to pass procurement on day one.

COMPLIANCE

Audited. Documented. Defensible.

CERTIFICATIONS & FRAMEWORKS

  • SOC 2 Type II CURRENT
  • HIPAA CONFIGURABLE
  • FedRAMP Moderate ROADMAP
  • NIST AI RMF aligned CURRENT
  • Patented orchestration architecture ISSUED

HOW A REQUEST FLOWS

01
Inside your perimeterUser or service calls the Listening Post API.
02
Identity-aware routingRequest authenticates through your IAM. Policy enforced before model selection.
03
Read in placeRetrieval and tool-use query your data where it lives. Nothing copied out.
04
Inference, in-perimeterModel runs on your GPUs or your VPC endpoint.
05
Audit on exitPrompt, response, tool calls written to your immutable log store.

DEPLOYMENT POSTURE

Pick your perimeter.

Listening Post adapts to your security posture, not the other way around.

ON-PREM

Runs entirely in your data center. Zero egress. Your network, your hardware.

  • Customer-managed keys (BYO KMS / HSM)
  • No standing Listening Post access required
  • Telemetry opt-in and customer-controlled
  • Backup and DR runs on your infrastructure

NEXT STEPS

Bring your hardest review.

We've shipped to teams that don't sign DPAs lightly. Let's walk your security org through the architecture.

Request a Demo Explore the Product