Gremlin is built with enterprise security at its core. From data encryption to compliance frameworks, we ensure your AI evaluation workflows meet the highest security standards without compromising on performance.
Every piece of data processed by Gremlin is protected with industry-leading encryption and access controls. We implement zero-trust architecture to ensure only authorized systems can access your evaluation data.
01 ::
End‑to‑end encryption
AES-256 encryption for data at rest and TLS 1.3 for data in transit, with customer-managed keys.
02 ::
Zero‑trust networking
Every request is verified and authenticated, with network segmentation and least-privilege access.
03 ::
Data residency controls
Choose where your data is processed and stored, with options for on-premise deployment.
04 ::
Automatic data purging
Configurable retention policies with secure deletion and audit trails for compliance.
// Compliance & Certifications
Built for regulated industries
Gremlin meets the compliance requirements of highly regulated industries. Our security program is designed to support organizations in healthcare, financial services, and government sectors.
01 ::
SOC 2 Type II
Comprehensive security controls audited by third-party assessors for confidentiality and availability.
02 ::
GDPR & CCPA Ready
Built-in privacy controls, data subject rights, and automated compliance reporting.
03 ::
HIPAA Eligible
Business Associate Agreements available with enhanced controls for healthcare data.
04 ::
FedRAMP Pipeline
Working toward FedRAMP authorization with government-grade security controls.
// AI security
Protecting AI workloads
AI evaluation introduces unique security challenges. Gremlin addresses model protection, prompt injection prevention, and sensitive data detection to keep your AI systems secure throughout the evaluation process.
// Technical controls
Defense in depth
Our multi-layered security approach protects every component of the evaluation pipeline. From secure model serving to encrypted data pipelines, security is embedded at every layer.
01 ::
Model isolation
Each evaluation runs in isolated containers with strict resource limits and network policies.
02 ::
Prompt injection detection
Advanced filtering to detect and prevent malicious prompts from compromising evaluations.
03 ::
PII scrubbing
Automatic detection and redaction of sensitive information in evaluation datasets.
04 ::
Access logging
Comprehensive audit logs with tamper-evident storage and real-time monitoring.
// Security operations
24/7 monitoring and response
Our security operations center monitors threats around the clock. With automated incident response and expert security analysts, we detect and respond to security events before they impact your operations.
01 ::
Threat monitoring
Real-time security monitoring with ML-powered anomaly detection and threat intelligence.
02 ::
Incident response
Automated response playbooks with 15-minute mean time to detection for critical threats.
03 ::
Vulnerability management
Continuous scanning and patching with zero-downtime updates and security hotfixes.
04 ::
Security training
Regular security awareness training for all team members with simulated phishing tests.
// Privacy by design
Privacy‑preserving evaluation
Privacy is fundamental to our design. Gremlin enables comprehensive AI evaluation while preserving user privacy through advanced privacy-enhancing technologies.
01 ::
Differential privacy
Statistical privacy guarantees for evaluation metrics without sacrificing accuracy.
02 ::
Federated evaluation
Evaluate models without centralizing sensitive data using secure aggregation.
03 ::
Synthetic data generation
Generate privacy-safe evaluation datasets that preserve statistical properties.
04 ::
Data minimization
Collect and process only the minimum data required for effective evaluation.
// Deployment flexibility
Deploy anywhere, securely
Whether you need cloud, hybrid, or air-gapped deployment, Gremlin adapts to your security requirements while maintaining full functionality.
// Security team
Security questions?
Our security team is here to help. Whether you need security documentation, want to report a vulnerability, or have questions about our security practices.