MeshGuard is built to govern AI agents — and that starts with earning your trust. Here’s how we protect your data, your agents, and your organization.
Security isn’t a feature we bolt on — it’s foundational to everything we build. As an AI agent governance platform, MeshGuard handles sensitive policy configurations, audit trails, and agent behavioral data. We treat every byte with the seriousness it deserves.
In transit: All communication between clients, agents, and MeshGuard services is encrypted using TLS 1.2+ (with TLS 1.3 preferred). We enforce HTTPS everywhere with HSTS headers.
At rest: Data stored in our databases and object stores is encrypted using AES-256. Encryption keys are managed through a dedicated key management service with automatic rotation.
MeshGuard processes agent telemetry, policy evaluation results, and governance metadata. We follow strict data-handling principles:
Governance without trustworthy audit logs is theater. MeshGuard audit logs are:
Our infrastructure follows security best practices across the stack:
We are actively pursuing SOC 2 Type II certification. Our controls are designed from day one to meet SOC 2 Trust Service Criteria for security, availability, and confidentiality. We expect to complete our audit in 2026.
If you need details on our current security posture for your vendor review, reach out to security@meshguard.app.
We welcome security researchers who help us keep MeshGuard safe. If you discover a vulnerability, please report it responsibly:
Email: security@meshguard.app
Response time: We acknowledge reports within 48 hours and aim to provide an initial assessment within 5 business days.
Please include a detailed description, steps to reproduce, and potential impact. We ask that you give us reasonable time to address the issue before public disclosure.
We recognize and appreciate the security research community. While we are building out a formal bug bounty program, we commit to:
Send all reports to security@meshguard.app.
Is MeshGuard SOC 2 compliant?
MeshGuard is actively pursuing SOC 2 Type II certification. Our controls are designed from day one to meet SOC 2 Trust Service Criteria for security, availability, and confidentiality. We expect to complete the audit in 2026. Contact security@meshguard.app for our current security posture documentation.
How are audit logs stored?
Audit logs are stored in immutable, append-only databases with cryptographic chaining. Each log entry is tamper-evident — unauthorized modifications are detectable. Logs can be exported at any time for compliance review or external audit.
What encryption does MeshGuard use?
All data in transit is encrypted using TLS 1.2+ (TLS 1.3 preferred) with HSTS enforcement. Data at rest is encrypted using AES-256 with automatic key rotation through a dedicated key management service.
Does MeshGuard train on customer data?
No. MeshGuard never uses customer agent data, policy configurations, or audit logs to train any models. Your governance data is yours — we process it only to provide the service and delete it according to your retention preferences.
How does MeshGuard handle multi-tenant isolation?
All tenant data is logically isolated at the database level. Each organization's agents, policies, audit logs, and trust scores are scoped to their org ID. No cross-tenant data access is possible by design.
How do I report a security vulnerability?
Email security@meshguard.app with a detailed description, reproduction steps, and potential impact. We acknowledge reports within 48 hours and provide an initial assessment within 5 business days. We do not pursue legal action against good-faith researchers.
This page was last updated on January 26, 2026. For our machine-readable security policy, see security.txt.