Autonomous agents you can actually audit
Agents that take real actions need real controls. We deploy inside your perimeter, scope every permission, and log every decision — so security and compliance teams sign off instead of slowing you down.
- Private & air-gapped deployments
- Least-privilege action layer
- Full decision lineage
- SOC 2 / HIPAA / GDPR alignment
Six layers between an agent and your systems
Security isn't a feature we bolt on at the end. It's the architecture an agent runs inside.
Private deployment
On-prem, in your VPC, hybrid, or fully air-gapped. Your prompts, context, and outputs never touch a shared multi-tenant service.
Scoped action layer
Least-privilege credentials, action allow-lists, and spend and rate limits. An agent can only ever do what its policy explicitly permits.
Human approval gates
High-risk steps — payments, deletions, external messages — pause for a human. Approvers see the full context before they sign.
Decision lineage
Every tool call, model input, and output is captured with timestamps and identities, so any action can be reconstructed end to end.
Model governance
Versioned prompts and models, risk thresholds, eval gates, and change control — the same rigor you'd expect from regulated software.
Identity & secrets
SSO, role-based access, and secrets brokered through your vault. Agents authenticate as scoped service identities, never shared keys.
Your data stays yours
Most agent demos quietly route your data through someone else's cloud and, worse, into someone else's training set. We design the opposite: data residency you control, encryption in transit and at rest, and providers configured with zero retention and training disabled.
When even that isn't enough — defense work, PHI, source code, deal data — we run open-weight models on hardware inside your network. Nothing leaves the perimeter, and there's no third party to trust.
- Zero retention, training disabled on every provider
- Encryption in transit and at rest
- Data residency and PII/PHI handling to your boundary
- Open-weight models on your own hardware when required
Default agent setup vs. ours
The difference between a clever demo and something a security team will approve.
| | A typical agent demo | An Automatic.co deployment |
|---|---|---|
| Hosting | Shared third-party cloud | Your VPC, on-prem, or air-gapped |
| Data use | May be retained or trained on | Zero retention, no training |
| Permissions | Broad API key | Scoped, least-privilege identities |
| Risky actions | Executed automatically | Gated behind human approval |
| Auditability | Opaque | Full decision lineage |
| Compliance | Your problem | SOC 2 / HIPAA / GDPR by design |
How we clear your security review
We expect the questionnaire — and we come prepared for it.
Disclose
We share our controls, data-flow diagrams, and subprocessor list, and complete your vendor security questionnaire up front.
Scope
We map exactly what data each agent touches and define the perimeter, identities, and approval policy with your security team.
Harden
We deploy inside your boundary, wire up SSO, secrets, and logging, then run threat modeling and red-team passes on the action layer.
Attest
We hand over lineage dashboards and evidence your auditors can use, and keep controls current as the fleet grows.
Frequently asked questions
Does my data ever train a third-party model?
No. We deploy with training and retention disabled on every provider, and your data stays inside your perimeter. For the strictest cases we run open-weight models on your own hardware so nothing leaves the building.
Are you SOC 2 compliant?
We align engagements to SOC 2 Type II controls and work inside your existing attestation boundary. If you need our own report or a vendor security review, we'll share our controls documentation and complete your questionnaire before kickoff.
How do you stop an agent from doing something destructive?
Every agent acts through a scoped action layer with least-privilege credentials, hard allow-lists, spend and rate limits, and human approval gates on high-risk steps. Anything outside policy is blocked and routed to a person, not retried blindly.
Can you support HIPAA or air-gapped environments?
Yes. We sign BAAs, deploy into VPC-isolated or fully air-gapped networks, and design PHI/PII handling, encryption, and logging to your regulatory boundary from the first call.
Bring your security team to the first call
We'd rather answer the hard questions now than after a pilot. Walk us through your perimeter and compliance boundary, and we'll show you the controls that fit.