Security posture for Teranode.
What a vendor evaluator (CCO, IT, security review) needs to know before approving Teranode for use inside a regulated firm. This page is the answer to questions that typically arrive in a SIG or CAIQ. The deeper trust posture is at /trust; the policy + sub-processors are below.
Status.
- SOC 2 Type II: planned; not yet engaged. On the post-funding roadmap.
- No certifications overstated. If a control is implemented but not yet attested, this page says so. If the audit is not yet engaged, this page says so. We do not represent that we hold a certification we have not been issued.
- Penetration test. Pre-seed: not yet engaged. On the post-funding roadmap.
Sub-processors.
Third parties that process customer data in the course of delivering the Council. Each is bound by its own DPA. The full sub-processor list with purpose-of-processing is on /trust.
- OpenRouter: model routing and inference orchestration
- Anthropic, OpenAI, Google, xAI: frontier model providers (via OpenRouter), pinned to a non-PRC provider allowlist
- Vercel: hosting + serverless compute
- Neon: managed Postgres (eval store, opt-in scenarios)
- Groq: voice transcription (whisper-large-v3) on the demo surface
Controls posture.
Controls are aligned to SIG and CAIQ frameworks. Highlights:
- Data minimization. By default no scenario text is persisted server-side. Opt-in capture is required for eval scenarios; explicit consent is recorded on the record.
- No customer data in model training.Per the providers' API terms (Anthropic, OpenAI, xAI, Google, via OpenRouter), submitted data is not used for training; each provider maintains its own short retention window for abuse review, and OpenRouter may retain logs briefly for debugging. These are vendor terms, not a control we enforce in code. Restricting routing to zero-data-retention endpoints is a planned hardening, not yet in place; this page will say so when it ships.
- No PRC-jurisdiction provider in the client-data path. Every OpenRouter model call that carries user input, including the Council roles, the single-model baseline, and plan-document extraction, is pinned at the router to a vetted allowlist of non-PRC providers; voice transcription goes directly to Groq (US-based). DeepSeek appears only in our offline model benchmarking on synthetic scenarios, never in a live client-data path.
- Rate limiting at the function. 10 requests per minute per IP on the Council demo surface; 30 per minute on the transcription surface. Cost-DoS defense.
- IP audit projection. API responses are projected to a public schema before return. No internal metadata leaks to the client.
- Authentication. Admin surfaces are gated by HMAC-style signed cookies. Examples surface gated by shared password (single-shared until per-investor tokens ship post-funding).
- Encryption. TLS 1.2+ in transit. Data at rest is AES-256 encrypted: the managed Postgres (Neon) encrypts all data at rest by default.
- Documentation on request. Teranode completes a vendor security questionnaire (SIG-Lite style) for firms in active vendor review, and will execute a mutually agreeable DPA as part of a pilot engagement.
Incident response.
No security incidents to date. The founder is the on-call contact pre-funding; post-funding the incident response rotation moves to a fractional security engineer or full security hire. We disclose incidents to affected parties promptly, targeting 72 hours from detection.
Vulnerability disclosure.
Email security@teranode.ai with details, reproduction steps, and the impact you observed. We respond within 5 business days. We do not pursue legal action against good-faith security researchers acting under standard responsible-disclosure timelines.
Vendor due-diligence packet.
For RIA, broker-dealer, or family-office vendor reviews, request a DD packet (vendor security questionnaire, sub-processor list, security architecture summary; a DPA is executed as part of a pilot engagement): founders@teranode.ai.
For broader trust context (governance, regulatory posture, founder bio), see /trust. For the methodology behind Council quality claims, see /methodology.
