01 Architectural Security
Our infrastructure follows a "Defense-in-Depth" strategy — multiple independent security layers, each assuming the others may fail.
Stateless, Isolated Processing
Our compute environment is stateless — each request is processed independently with no shared state between requests. Prompt data exists only in volatile memory for the duration of a single request and is discarded immediately after. There is no session persistence, disk storage, or cross-request data leakage.
AWS VPC — Private Network Architecture
Our backend services run inside an AWS Virtual Private Cloud (VPC) with isolated private subnets — no service has a public IP or direct internet exposure. All external traffic is routed through an edge security layer with Web Application Firewall (WAF) rules, rate limiting, and bot protection before reaching any backend service within the VPC.
Zero-Persistence Processing
Prompts and AI responses are processed entirely in volatile memory (RAM) and are never written to disk or object storage. Once inference is complete, the data is purged from memory. There is no log, database, or file that contains your prompt content.
Edge Protection & DDoS Mitigation
All traffic is routed through a global edge network with automatic DDoS mitigation, IP-based rate limiting (per-IP throttling), and managed rulesets covering SQL injection, cross-site scripting (XSS), and known exploit signatures.
02 Data Handling & Privacy
We believe you shouldn't have to trust us with your data — our architecture makes it unnecessary.
Metadata-Only Logging
We log the "Who, When, and How Much" — never the "What." Our databases store token counts, latency metrics, and violation types (e.g., "PII detected"), but we never store the content of your prompts or completions.
Encryption Everywhere
All data is encrypted in transit using TLS 1.2+ and at rest using AES-256. Internal service-to-service communication is also encrypted. There are no plaintext data paths.
No-Training Guarantee
We do not use your data to train any models. We partner only with AI providers who offer contractual data privacy guarantees for API users — your prompts are never used for model improvement by any party in the chain.
Automated Log Scrubbing
All application logs pass through a real-time scrubbing layer that detects and redacts API keys, bearer tokens, and credential patterns before they reach any log storage or monitoring system.
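The following is an added illustration of the kind of scrubbing layer described above, not the platform's own code: a small rule set for bearer tokens, prefixed API keys, AWS access key IDs and key=value credentials, run over constructed log lines before they would reach storage. The patterns and sample lines are assumptions chosen for the example.

```python
import re

# Constructed redaction rules; a production scrubber would be tuned to the
# platform's own key formats and run before any log shipper or monitoring hook.
_RULES = [
    # "Authorization: Bearer <token>" headers, any case
    (re.compile(r"(?i)(bearer\s+)[a-z0-9._~+/=-]{16,}"), r"\1[REDACTED_BEARER]"),
    # prefixed provider API keys such as sk-... / pk-...
    (re.compile(r"\b[sp]k-[A-Za-z0-9_-]{16,}\b"), "[REDACTED_API_KEY]"),
    # AWS access key IDs
    (re.compile(r"\bAKIA[0-9A-Z]{16}\b"), "[REDACTED_AWS_KEY_ID]"),
    # key=value / key: value credentials in query strings or structured logs
    (re.compile(r"(?i)\b(api[_-]?key|password|secret|token)(\s*[=:]\s*)\S+"),
     r"\1\2[REDACTED]"),
]

def scrub(line: str) -> str:
    """Apply every rule in order and return the redacted log line."""
    for pattern, repl in _RULES:
        line = pattern.sub(repl, line)
    return line

def scrub_stream(lines):
    """Scrub an iterable of log lines; only the scrubbed copies leave this layer."""
    return [scrub(line) for line in lines]

# Constructed sample log lines (not real credentials).
SAMPLE_LOG = [
    '2026-03-01T12:00:00Z INFO request id=req-1 authorization="Bearer eyJhbGciOiJIUzI1NiJ9.abc123def456"',
    "2026-03-01T12:00:01Z DEBUG provider call api_key=sk-test1234567890abcdef provider=openai",
    "2026-03-01T12:00:02Z WARN byok upload aws_access_key_id=AKIAIOSFODNN7EXAMPLE region=us-east-1",
    "2026-03-01T12:00:03Z INFO healthcheck ok latency_ms=12 tokens=340",
    "2026-03-01T12:00:04Z ERROR db connect failed user=app password=hunter2",
]

if __name__ == "__main__":
    for line in scrub_stream(SAMPLE_LOG):
        print(line)
```

Note that the fourth sample line (metadata only: latency and token counts) passes through unchanged, which is the "Who, When, and How Much" the page says is kept.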
03 Identity & Key Management
We protect your credentials with the same rigor as a financial institution protects account numbers.
BYOK Key Encryption
Your "Bring Your Own Key" (BYOK) provider credentials are encrypted using AES-256 authenticated encryption before storage. The encryption key is stored separately in a hardware-backed key management service — even a database breach cannot expose your keys.
Hardware-Backed Secret Management
All system-level secrets — encryption keys, internal tokens, provider credentials — are stored in a dedicated, hardware-backed secrets management service with automatic rotation support. Secrets are never stored in code, config files, or environment variable logs.
One-Way API Key Hashing
Your API keys are stored as irreversible cryptographic hashes with a server-side pepper. Even in the event of a complete database breach, raw API keys cannot be recovered or reused. Keys are shown once at creation and never again.
Session-Based Playground Security
Internal playground credentials never leave the server. The browser sends only your prompt — the API key is resolved server-side using your authenticated session and verified via a cryptographic handshake between our frontend and backend services.
04 The AI Firewall
Every prompt passes through our governance engine before reaching any LLM provider.
Multimodal OCR Scanning
We are one of the few platforms that provides OCR-based scanning for images, preventing PII leaks hidden in screenshots, config files, or document uploads.
28+ Entity Recognition
Our engine scans for PII, secrets, and credentials across 28+ categories — including names, SSNs, credit cards, email addresses, IP addresses, API keys, and cloud credentials.
Custom IP Guard
Enterprises can define custom detection patterns (regex rules) to protect internal project names, code names, intellectual property, and proprietary terminology from being sent to any LLM provider.
Prompt Injection Defense
We proactively detect and block known prompt injection patterns — including jailbreak attempts, instruction override payloads, and role-escape sequences — before they reach the model.
Fail-Closed Architecture
If the AI Firewall is unavailable or returns an error, the request is immediately terminated. We never forward un-scanned data to any LLM provider. Security takes priority over availability.
05 Responsible Disclosure
We take security seriously and welcome the help of the security community.
Continuous Security Scanning
We perform automated vulnerability scanning of all container images and dependencies on every build, with critical findings blocking deployment.
Security Contact
If you believe you have found a security vulnerability in our platform, please contact us immediately at security@opensourceaihub.ai. We reward responsible disclosure and work to patch all critical issues within 24 hours.
06 Open-Source Foundations
Built on auditable, transparent foundations. Isolated and secured for the enterprise.
Our platform combines industry-standard security foundations with a proprietary governance layer. While we interface with a diverse range of global model providers — both open and closed — our core security engine is built on auditable, transparent foundations that ensure your data is processed in a fully isolated environment.
Hub Governance Engine
Policy-driven PII detection and redaction with multi-stage verification and false-positive suppression. Per-project sensitivity tiers (Strict / Balanced / Relaxed) provide granular control over detection thresholds for specific business requirements.
Extended Detection Signatures
Domain-specific detection rules including name-initial patterns, configurable entity recognizers, and custom IP-Guard rules that protect your proprietary terminology and internal project data from reaching any LLM provider.
Vision Security Layer
Text extraction and PII inspection for image payloads within our isolated container environment, preventing data leaks hidden in screenshots, documents, and other non-textual content.
Model Orchestration Layer
Multi-provider model abstraction with cost-optimized, capability-aware routing across 9+ providers. Automatic failover on provider errors in Managed Mode ensures high availability without vendor lock-in.
What is proprietary: Our policy evaluation engine, enforcement decision logic, cost-optimized routing algorithms, custom detection signatures, token budgeting system, and governance orchestration workflows are proprietary to Datum Fuse LLC. Our architecture integrates proven, auditable frameworks into an isolated, multi-provider security fabric designed for production-scale AI governance.
Compliance Roadmap
Our path to enterprise-grade certifications.
| Certification | Status |
|---|---|
| SOC 2 Type I | In Preparation |
| SOC 2 Type II | Planned Q1 2027 |
| Designed for GDPR Compliance | Architecturally Aligned |
| CCPA Compliance | Architecturally Aligned |
| HIPAA | In Progress |
| Penetration Testing | Scheduled |
Status reflects our current architectural alignment. Formal audits are scheduled for late 2026.
Security FAQ
Common questions from security teams and enterprise architects.
Do you store my prompts or AI responses?
No. Prompts and completions are processed entirely in volatile memory (RAM) and discarded immediately after the request is fulfilled. We persist only metadata — token counts, latency, and violation types — never content.
What happens if your DLP engine fails?
Our architecture is "Fail-Closed." If the AI Firewall is unavailable or returns an error, the request is terminated with a 500 error. We never forward un-scanned data to the LLM provider.
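An added example of the fail-closed control flow described in the AI Firewall section and in this answer; it is illustrative code, not the platform's gateway. The scanner and the provider call are injected as callables (an assumption made so the property "the provider is never reached without a successful scan" can be exercised against constructed scenarios).

```python
from dataclasses import dataclass
from typing import Callable, Optional, Tuple

@dataclass
class Verdict:
    allowed: bool
    violation: Optional[str] = None   # e.g. "PII detected"; a type, never the content

class FirewallUnavailable(Exception):
    """Raised when the AI Firewall cannot be reached or returns an error."""

def handle_request(prompt: str,
                   scan: Callable[[str], Verdict],
                   forward: Callable[[str], str]) -> Tuple[int, str]:
    """Return (http_status, body). Fail-closed: forward() runs only after a
    scan that completed and explicitly allowed the prompt."""
    try:
        verdict = scan(prompt)
    except Exception:                      # timeout, connection refused, firewall 5xx
        return 500, "ai firewall unavailable: request terminated"
    if not isinstance(verdict, Verdict):   # malformed result counts as an error too
        return 500, "ai firewall returned an invalid result: request terminated"
    if not verdict.allowed:
        return 403, f"blocked: {verdict.violation}"
    return 200, forward(prompt)

def _firewall_down(prompt: str) -> Verdict:
    raise FirewallUnavailable("connect timeout")

def demo() -> dict:
    """Constructed scenarios: name -> (status, number of times the provider was called)."""
    scenarios = {
        "allowed": lambda p: Verdict(True),
        "pii": lambda p: Verdict(False, "PII detected"),
        "firewall_down": _firewall_down,
        "malformed": lambda p: None,
    }
    results = {}
    for name, scan in scenarios.items():
        forwarded = []
        status, _ = handle_request("constructed prompt", scan,
                                   lambda p: forwarded.append(p) or "completion")
        results[name] = (status, len(forwarded))
    return results

if __name__ == "__main__":
    print(demo())
```

In every failure scenario the provider call count is zero, which is the invariant to assert in an integration test of such a gateway.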
Can your team see my prompts?
No. Prompts exist only in ephemeral container memory during processing. There is no log, database, or storage that contains prompt content. Even our engineering team has no mechanism to access your data in transit.
How are my BYOK API keys protected?
Your provider API keys are encrypted with AES-256 authenticated encryption before storage. The encryption key is stored in a separate hardware-backed secrets manager. Even if our database were fully compromised, your keys remain unreadable.
Do AI providers train on my data?
The providers we support do not use API data for model training. We partner only with providers who offer contractual data privacy guarantees. We encourage you to review each provider's data processing agreement.
How do you protect against DDoS and abuse?
All traffic passes through an edge security layer with per-IP rate limiting, managed WAF rulesets (SQL injection, XSS, known exploits), and automatic DDoS mitigation. Additionally, per-API-key rate limiting is enforced at the application layer.
What happens if someone steals an API key from my logs?
API keys are stored as irreversible cryptographic hashes with a server-side pepper, so leaked hashes are useless. If a raw key is compromised, you can instantly revoke it from the dashboard — revocation takes effect on the very next request.
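An added example of the one-way, peppered key storage described in the Identity & Key Management section and in this answer; it is not the platform's implementation. Assumptions: the key format `osah_<keyid>_<secret>` is hypothetical, the pepper is generated in-process here whereas the page says it would live in the secrets manager, and HMAC-SHA256 stands in for whatever keyed hash the platform uses.

```python
import hashlib
import hmac
import secrets
from typing import Dict, Optional

# Constructed pepper: in production it is held in the secrets manager, never
# in the database beside the hashes, so a database dump alone cannot verify keys.
PEPPER = secrets.token_bytes(32)
_KEY_PREFIX = "osah"   # hypothetical key format: osah_<keyid>_<secret>

def hash_key(raw_key: str) -> str:
    """One-way, peppered hash: HMAC-SHA256 keyed with the server-side pepper."""
    return hmac.new(PEPPER, raw_key.encode(), hashlib.sha256).hexdigest()

class ApiKeyStore:
    """Persists only a key id and the peppered hash; the raw key is returned once."""
    def __init__(self) -> None:
        self._rows: Dict[str, dict] = {}   # key_id -> {"hash": str, "revoked": bool}

    def create(self) -> str:
        key_id = secrets.token_hex(6)
        raw = f"{_KEY_PREFIX}_{key_id}_{secrets.token_urlsafe(32)}"
        self._rows[key_id] = {"hash": hash_key(raw), "revoked": False}
        return raw   # shown once at creation; never stored or shown again

    def authenticate(self, presented: str) -> Optional[str]:
        """Return the key id if the presented key is valid and not revoked, else None."""
        parts = presented.split("_", 2)       # key id lets us look up one row, not scan all
        if len(parts) != 3 or parts[0] != _KEY_PREFIX:
            return None
        row = self._rows.get(parts[1])
        if row is None or row["revoked"]:
            return None
        # Constant-time comparison of the digests avoids timing side channels.
        if not hmac.compare_digest(row["hash"], hash_key(presented)):
            return None
        return parts[1]

    def revoke(self, key_id: str) -> None:
        """Flips a flag the lookup checks, so revocation applies on the next request."""
        if key_id in self._rows:
            self._rows[key_id]["revoked"] = True
```

A leaked row (hash plus key id) cannot be replayed as a key, and without the pepper it cannot even be used to test candidate keys offline.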
How do you handle internal credentials (like the Playground)?
Internal credentials are resolved entirely server-side and are never sent to or visible in the browser. The Playground UI uses your authenticated session to issue requests — no API key is ever exposed to the client.