SECURITY
Agent Security Starts With the Data Layer
Autonomous agents need tamper-proof reasoning, isolated memory, and infrastructure-grade encryption. HatiData delivers all three — inside your VPC.
Autonomous systems don't just need data security — they need reasoning-chain integrity, per-agent access control, and verifiable decision trails. ANDI builds all of this into the infrastructure layer.
AGENT SECURITY
Securing Autonomous AI Agents
Four security primitives purpose-built for agentic workloads. Every agent action is isolated, auditable, and reversible.
CoT Hash-Chain Ledger
- Every reasoning step cryptographically hash-chained to the previous
- Immutable and tamper-evident by construction
- Auditors can verify any decision on demand
Memory Namespace Isolation
- Per-agent isolated schemas — no shared memory space
- Cross-agent access blocked at the engine level
- RBAC enforced on every memory read and write
Branch Isolation
- Agents explore in sandboxed schema branches
- Zero-copy on create, merge-or-discard lifecycle
- Main data remains untouched until explicit merge
MCP Tool Permissions
- Per-tool allow/deny policies per agent
- Query cost limits enforced before execution
- Every tool invocation logged to immutable audit trail
QUERY PIPELINE
Multi-Stage Security. Every Query.
Every query an agent sends passes through a multi-stage pipeline. Five stages are dedicated security enforcement points.
- Connection Auth
- Table Extract
- Policy Check: every query is evaluated against org-level security policies before execution.
- Cost Estimate
- Quota Check: per-agent compute budgets are enforced. No runaway queries.
- Row Filter: row-level security is applied automatically based on agent identity.
- SQL Transpile
- Snapshot Pin
- Query Execute
- AI Heal
- Column Mask: PII and sensitive columns are masked per role before results return.
- Meter
- Audit: an immutable audit log is written to object storage with Object Lock.
ARCHITECTURE
Your VPC. Your Data. Always.
Every component runs inside your cloud account (AWS, GCP, or Azure). Agent security controls — CoT integrity, memory isolation, branch sandboxing — are enforced at the proxy layer.
Postgres wire-compatible proxy. TLS 1.3. Handles auth, RBAC, column masking, and SQL transpilation.
Single-tenant analytical engine. In-process with the proxy, so there is no network hop. Columnar execution.
Dedicated high-performance SSD for hot data. AES-256-XTS encrypted with your CMEK. Multi-tier cache.
Open format tables in your S3 / GCS / Azure Blob storage. KMS encrypted. Zero vendor lock-in.
Customer-managed encryption keys via AWS KMS, GCP Cloud KMS, or Azure Key Vault. Controls encryption for cache, storage, and audit logs. You own the keys.
Manages configuration, billing, and updates. Never sees your data. Connected via private endpoint only.
ENCRYPTION
Encrypted at Every Layer
Six layers of encryption from client to storage. Your keys, your control.
| Layer | Protocol | Key Management |
|---|---|---|
| Client → Proxy | TLS 1.3 | Auto-rotated certificates |
| Proxy → Engine | In-process | N/A (same process) |
| SSD Cache | LUKS AES-256-XTS | Customer CMEK via KMS |
| Object Storage | SSE-KMS (AES-256) | Customer CMEK via KMS |
| Audit Logs | SSE-KMS + Object Lock | Customer CMEK via KMS |
| Control Plane Link | PrivateLink (TLS 1.3) | Cloud-provider managed |
COMPLIANCE
From Deploy to SOC 2 in 180 Days
A clear path to full compliance, starting from the moment you deploy.
Deploy In-VPC
HatiData runs in your cloud account (AWS, GCP, or Azure). Your existing SOC 2 controls cover the data plane.
Security Review
Architecture review with your security team. SIG Lite questionnaire completed.
Shadow Mode Complete
7-day comparison report delivered. Full compatibility matrix.
Production Ready
Agent audit trails active. Every reasoning step hash-chained. Memory isolation verified.
SOC 2 Type I
HatiData control plane SOC 2 Type I report available.
SOC 2 Type II
Type II observation period complete. Full report available.
GOVERNANCE
CISO Approval Checklist
Everything your security team needs to say yes.
- Data never leaves your VPC
- Customer-managed encryption keys (CMEK)
- Zero public internet traversal (PrivateLink)
- Immutable query audit logs (S3 Object Lock, 7yr retention)
- Role-based access control with column masking
- SOC 2 Type II (in progress, Day 180)
- DPA/MSA/BAA templates available
- Agent reasoning traces immutable (cryptographic hash chain)
- Per-agent memory isolation enforced at schema level
FAQ
Agent Security Questions
Common questions from security teams evaluating HatiData for agentic workloads.
No. Every reasoning step is cryptographically hash-chained to the previous step. Modifying any step breaks the chain, and the integrity violation is immediately detectable. The replay_decision tool verifies the full hash chain on demand.
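As an added illustration of the hash-chained ledger described above (this is not HatiData's code; the JSON step encoding, the GENESIS anchor and the sample trace are constructed assumptions), a minimal Python ledger: append_step links each reasoning step to the hash of its predecessor, verify_chain replays the chain and reports the first broken step, and modify_step simulates an after-the-fact edit so the detection can be exercised.

```python
import hashlib
import json
from dataclasses import dataclass
from typing import Optional

GENESIS = "0" * 64  # constructed anchor for the first step, not a HatiData value

@dataclass(frozen=True)
class Step:
    index: int
    content: str
    prev_hash: str
    hash: str

def _digest(index: int, content: str, prev_hash: str) -> str:
    # Canonical JSON so field order and whitespace cannot change the hash.
    payload = json.dumps({"i": index, "c": content, "p": prev_hash},
                         sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(payload.encode("utf-8")).hexdigest()

def append_step(chain: list[Step], content: str) -> list[Step]:
    """Link a new reasoning step to the hash of the previous one."""
    prev = chain[-1].hash if chain else GENESIS
    i = len(chain)
    return chain + [Step(i, content, prev, _digest(i, content, prev))]

def verify_chain(chain: list[Step]) -> Optional[int]:
    """Return None if the chain is intact, else the index of the first bad step."""
    prev = GENESIS
    for i, step in enumerate(chain):
        if (step.index != i or step.prev_hash != prev
                or _digest(i, step.content, prev) != step.hash):
            return i
        prev = step.hash
    return None

def modify_step(chain: list[Step], i: int, content: str, rehash: bool) -> list[Step]:
    """Simulate an after-the-fact edit of step i, with or without recomputing its hash."""
    s = chain[i]
    h = _digest(i, content, s.prev_hash) if rehash else s.hash
    return chain[:i] + [Step(i, content, s.prev_hash, h)] + chain[i + 1:]

def build_trace() -> list[Step]:
    """Constructed sample trace of three reasoning steps."""
    chain: list[Step] = []
    for text in ("Goal: reconcile open Q3 invoices",
                 "Tool call: SELECT id FROM invoices WHERE status = 'open'",
                 "Decision: flag invoice 1042 for human review"):
        chain = append_step(chain, text)
    return chain
```

An edit to a middle step is caught either at that step (hash no longer matches) or at its successor (prev_hash no longer matches), but a rewritten and re-hashed last step still verifies, which is why the head hash must also be anchored out of band, such as in the Object Lock audit log the page describes.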
No. Each agent’s memory lives in a separate isolated schema. The proxy enforces namespace isolation at the connection level — there is no SQL path to cross schemas. RBAC policies add a second layer of enforcement.
Every query passes through multiple pipeline stages including policy check, quota enforcement, row-level security, and column masking before reaching the engine. Queries that violate org-level policies are blocked before execution, logged to the immutable audit trail, and flagged for review.
SOC 2 Type I is targeted for Day 90 post-launch. The Type II observation period completes by Day 180. Because HatiData deploys inside your VPC, your existing SOC 2 controls cover the data plane from Day 1 — you inherit your own compliance posture.
Built for Agents. Trusted by Security Teams.
Tamper-proof reasoning. Isolated memory. In-VPC deployment. CMEK encryption. Immutable audit logs. Agent security built into the data layer.