Security & Compliance
Built so your security team has good answers.
Pantheon OS is the governance layer — every action logged, every secret encrypted, every approval recorded.
Encryption at rest
AES-256 for all data at rest. Postgres on managed Supabase with key rotation.
Encryption in transit
TLS 1.3 everywhere. HSTS, CSP, X-Frame-Options enforced on every response.
Tenant isolation
Postgres Row-Level Security on every table. No shared queries across orgs.
Secrets
OAuth tokens and provider keys stored in Supabase Vault. Never logged.
Audit trail
Every agent action, tool call, and approval is appended to an immutable log.
Approval gates
Destructive actions require human approval via web, CLI, or Telegram.
Policy as code
Policies live in your repo as YAML. Diff in PRs. Review in code review.
Off switch
Pause an agent, a connector, or the entire workspace in one click.
Compliance roadmap
- SOC 2 Type I — in progress (target: end of Q3)
- GDPR — DPA available on request
- HIPAA — on the roadmap (BAA available for design partners)
Found a vulnerability? Email me@nikhilbindal.com. We respond within 24 hours.