We're still building. Interested? Email us and we'll let you know when we're up and running.

Enterprise Features, Security, and Compliance

Built for SOC 2 Type II, ISO 27001, and GDPR from day one. Five-layer isolation protects your data at every level.

  • Compute: Sandboxed containers
  • Network: Isolated network segments
  • Crypto: Dedicated encryption keys (Pro)
  • Egress: Domain-level traffic filtering
  • Audit: Comprehensive logging + archival

Prompt Injection Defense

AI assistants that process external content — emails, documents, web pages — are vulnerable to prompt injection attacks, where hidden instructions attempt to hijack the AI assistant's behavior. FixedCostAgents detects and neutralizes these attacks so your AI assistant follows your instructions, not an attacker's.

  • Injection attempts hidden in emails, documents, and web content are detected and neutralized before your AI assistant acts on them
  • Your AI assistant's identity and instructions are protected — attempts to override its behavior are blocked
  • Defenses are continuously updated as new attack techniques emerge in the wild
  • Built into the platform — no configuration required, nothing for your team to manage
  • Included across all tiers — Standard, Premium, and Pro
  • Enterprise customers can request a detailed security brief on our detection and response processes

SOC 2 Type II

Designing for certification

All five Trust Services Criteria (Security, Availability, Processing Integrity, Confidentiality, Privacy) are mapped to platform controls: container sandboxing, envelope encryption, per-customer access scoping, audit logging, and automated provisioning/deprovisioning.

  • Sandboxed container runtime with hardened kernel
  • Envelope encryption at rest (shared or dedicated key)
  • Per-AI assistant access role scoping
  • Audit log retention (90-day hot, long-term cold archival)
  • Dual-layer ingress authentication (HMAC + bearer token)
  • Outbound domain filtering per tier
  • Automated provisioning and deprovisioning via billing webhooks
  • Hourly data snapshots (RPO 1hr)

ISO 27001

Control mapping complete

Relevant Annex A controls are mapped to platform features. Pro tier dedicated infrastructure provides strong control boundaries for network segmentation (A.13) and cryptographic controls (A.10).

  • A.5 — Information security policies enforced via infrastructure-as-code
  • A.8 — Asset inventory via comprehensive tagging strategy
  • A.9 — Access control via RBAC + least-privilege policies
  • A.10 — Envelope encryption, dedicated keys for Pro
  • A.12 — Automated deployment, continuous monitoring
  • A.13 — Network segmentation, subnet isolation, hardware-enforced boundaries
  • A.14 — Infrastructure-as-code provisioning, version-controlled configs
  • A.15 — Sub-processor inventory (AWS, Stripe, Cloudflare)

GDPR Article 28

DPA template available

Data processor obligations are addressed by the architecture: single-region deployment with an EU option, customer data ownership, self-service export, and automated 30-day deletion with cryptographic key destruction.

  • Data residency: US primary, EU region option
  • Encryption at rest and in transit (TLS 1.2+)
  • Self-service JSON/ZIP data export via portal
  • Automated 30-day deletion on churn
  • Cryptographic key destruction (irreversible)
  • Per-customer access controls and audit logging
  • Sub-processor list with change notification
  • 72-hour breach notification commitment

How many AI assistants do you need?

Get a dedicated AI assistant for leaders one level below the level where leaders have human assistants. Consider one per team or per department. Technical teams may want a group assistant as well as individual ones. They all communicate with each other in your group chats to coordinate and achieve goals together.

Need a security brief, DPA, or vendor questionnaire? Hundreds of AI assistants? Reach out, we’d love to hear from you.