HiveSec Engine is built for procurement.

Security buyers and their procurement teams require evidence, not assurances. This page sets out the substance of HiveSec Engine's security posture: how AI is used and governed, how the platform is built, how data is handled, how access is controlled, and how we engage with the security community.

Multi-tenant by design Encryption at rest & in transit Serverless & IaC Audit trail with attribution

AI involvement and data flow.

AI agents are the platform's assessment execution layer. They investigate potential findings, test exploitability, retrieve evidence and model attack paths. The structured assessment records they operate on (findings, host inventory, service map) are passed to Anthropic for inference where reasoning is required. That data is not retained beyond the inference request and is not used to train models, in accordance with Anthropic's commercial data-protection terms.

AI involvement is conditional and controllable:

Conditional invocation.

AI agents are engaged only where the underlying assessment data has materially changed. A stable environment that has not changed since the previous assessment run does not trigger AI inference.

Per-tenant configuration.

The operator can disable AI involvement at the tenant level. Assessments run end-to-end through deterministic execution paths without any data leaving HiveSec Engine's AWS environment.

AI-free engagements.

Customers and partners that require AI-free assessment for regulatory, contractual or organisational reasons can be served end-to-end on the same platform without AI invocation.

Architecture and isolation.

HiveSec Engine is built on AWS with all infrastructure managed in code. The platform's core characteristics are:

Multi-tenant by design.

Every organisation on the platform is a tenant within a hierarchical model. Tenant isolation is enforced at every layer: data, access, communication, configuration.

Access control and isolation.

Platform access is governed by role and resolved per request. Tenants are isolated from one another; principals cannot access or enumerate resources outside their authorised scope.

Serverless and ephemeral compute.

Workloads exist for the duration of their use and are reclaimed afterwards. There is no long-running shared infrastructure within which one tenant's data could persist into another's request.

Infrastructure as code.

Every infrastructure component is defined in code and version-controlled. No manual changes are made to the production environment.

Data handling.

Encryption at rest.

All persistent data is encrypted at rest. Stored artefacts use AES-256.

Encryption in transit.

All communication with the platform is over HTTPS. Internal service-to-service communication is encrypted in transit.

Data residency.

Customer data is stored in the AWS region specified for the engagement. Deployments are available in the following regions:

United Kingdom: eu-west-2 (London)
European Union: eu-west-1 (Ireland), eu-central-1 (Frankfurt)
United States: us-west-2 (Oregon)
Australia: ap-southeast-2 (Sydney)
Canada: ca-central-1 (Montréal)

Data retention.

Retention of assessment data (findings, evidence, scan outputs) is configurable at the tenant or engagement level. The retention period is agreed in engagement scoping rather than imposed by a platform default, letting the operator and the client align it with their own regulatory, contractual or operational requirements.

Audit log retention is held separately and follows a longer schedule. Audit data (user actions, finding state changes, assessment events, communications) is retained for seven years by default to support compliance, regulatory and historical-review requirements.

Customer-initiated deletion is supported. Timing of deletion, including any retention obligations that may apply, is confirmed in writing during engagement scoping.

Sensitive content handling.

Findings and artefacts containing sensitive technical or organisational information are subject to the same access controls as the engagement they belong to. Sharing of artefacts outside the engagement requires explicit action and is recorded in the audit trail.

Authentication and access.

RBAC · resolved per request

L1 Platform › L2 Organisation › L3 Engagement

Identity provider.

Authentication is via Amazon Cognito with federation to enterprise identity providers: Google Workspace, GitHub, and SAML-based providers including enterprise single sign-on. There is no self-registration; users are provisioned by an administrator.

Session management.

Access tokens are short-lived. Refresh tokens are bounded and revocable. Sessions are scoped to the identity provider's session policies where federation is in use.

Domain restriction.

Organisations may restrict invitations to specified email domains. The platform validates the domain of every invited user against the organisation's allowed list.

External client access.

Client contacts who receive briefings or disclosure notifications access the relevant view via a single-use, time-limited secure link. They do not receive a platform account. Links are bound to a specified email address; the email is verified before access is granted. Every issuance, verification and use of a link is recorded in the audit trail.

Audit trail.

Every user action on the platform is recorded with attribution and timestamp. The audit record includes:

Every authentication and authorisation event
Every assessment executed, with start and completion timestamps
Every finding created, modified, or transitioned through its lifecycle
Every client communication sent and every client response received
Every administrative change to organisation, engagement or integration configuration

The audit record supports the operator's internal governance, their clients' compliance requirements, and the procurement scrutiny enterprise engagements demand.

AUDIT · attribution · recorded retention 7y · queryable

14:02:48Zfinding.transitiona.torres@INC-2040 · open → acknowledged · engagement/eng_4f2

14:02:31Zbriefing.sentplatformto client.contact ··· secure-link · 24h ttl

13:58:14Zassessment.startschedulercvm.daily · org/o_8821 · scope hash 9c12…

13:46:02Zaccess.grants.chen@engagement/eng_4f2 · role: analyst

13:44:50Zintegration.routeplatformfinding F-219 → jira/SEC-4421

13:41:18Zfinding.createmethodologyF-219 · tls.expired · severity:med

Every event carries actor · timestamp · resource · before/after.UTC · ISO-8601

Sub-processors.

HiveSec Engine relies on the following third-party services in the operation of the platform:

Amazon Web Services.

Compute, storage, database, authentication, transactional email, and other foundational services. The platform's production environment is operated entirely within AWS.

Anthropic.

Large language model inference used in the analytical phases of HiveSec Engine's assessment methodologies. Inference is invoked only where the underlying assessment data has materially changed and reasoning is required; deterministic execution paths complete without involvement of the Anthropic or any other AI provider.

Detailed information on each sub-processor (data shared, contractual data-handling terms, operational controls) is available for procurement-stage review on request.

Platform integrity.

HiveSec Engine applies to its own platform the rigour it applies to customers' environments. Secure development practice, code review, infrastructure hardening, dependency tracking and continuous self-assessment are part of the platform's normal operation. Documentation of the controls in place is available for procurement-stage review.

Independent third-party assessment of the platform is available as part of the procurement-stage engagement for prospective customers and partners where it is material to the relationship.

Certifications and attestations.

Detailed documentation of HiveSec Engine's architectural and operational controls is available for procurement-stage review on request. This documentation covers tenant isolation, role-based access, encryption, data handling, audit trail and operational practice at the depth a procurement security review requires.

Responsible disclosure.

HiveSec Engine operates a responsible disclosure programme for vulnerabilities identified in our platform and our infrastructure. Reports may be submitted to disclosure@hivesec.com or via the contact published at /.well-known/security.txt. Reports are acknowledged within five business days and managed through the same disclosure workflow we offer partners as a service.

Disclosure mailbox disclosure@hivesec.com Acknowledged within five business days · PGP key on request

Contact for security inquiries.

For procurement-stage security review, due diligence, or other security inquiries, contact the platform security team.

Security mailbox security@hivesec.com Procurement-stage security review · due diligence

Procurement

Speak to our security team about your procurement review.

We will share the detailed controls documentation, walk you through architecture and data handling against your control framework, and engage your procurement security review directly.

security@hivesec.com