PRUDENZE

TRUST & SECURITY

Security is not a feature. It is the foundation.

Every architectural decision in PRUDENZE was made assuming the data it governs is the most sensitive data your institution holds. Because it is.

DATA

Data Residency & Sovereignty

No Data Egress — Ever

Customer data never leaves your infrastructure. PRUDENZE modules run inside the bank's own perimeter. No telemetry. No phone-home. No data transmitted to Prudenze or any third party. In air-gapped deployments, there are zero outbound network connections of any kind.

Single-Tenant by Design

Every bank gets a physically isolated instance — dedicated database, dedicated compute, dedicated secrets vault. There is no shared infrastructure between clients. One institution's data cannot reach another's by design, not by policy.

On-Premises in Under 30 Minutes

Docker Compose deployment. One command. One .env file with every configuration value documented. The bank fills in its own database credentials, identity provider details, and secrets manager endpoint. No Prudenze infrastructure required.

INTEGRITY

Every decision is signed. Every record is chained.

Ed25519-Signed Policy Rules

Every compliance rule is cryptographically signed before it enters the policy engine. Rules are structured, versioned YAML/JSON — never free-text documents that require human interpretation. Tamper-evident. Version-controlled.

Hash-Chained Audit Log

Every audit entry references the SHA-256 hash of the previous entry. The chain cannot be modified without detection. Append-only. No deletes. Examiner-ready at any moment.

Cryptographic Decision Records

Every credit decision and compliance verdict is captured with a cryptographic hash of the signal set, policy version, and rationale. Replayable years later. Unchanged.
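The hash-chained audit log and the hashed decision records described above, as an added Python example that is not part of PRUDENZE's own code: each entry commits to the SHA-256 of the previous entry and to a canonical hash of its decision record (signal set, policy version, rationale), and a verifier reports the first entry that no longer matches. The field names, the all-zero genesis sentinel and the two sample decisions are constructed for illustration.

```python
import hashlib
import json
from typing import Optional, Tuple

# Constructed sentinel: the "previous hash" the very first entry commits to.
GENESIS_HASH = "0" * 64


def canonical_hash(payload: dict) -> str:
    """SHA-256 over canonical JSON (sorted keys, no whitespace) so equal records hash equally."""
    data = json.dumps(payload, sort_keys=True, separators=(",", ":")).encode("utf-8")
    return hashlib.sha256(data).hexdigest()


def append_entry(log: list, decision: dict) -> dict:
    """Append a decision record; the new entry commits to the previous entry's hash."""
    prev_hash = log[-1]["entry_hash"] if log else GENESIS_HASH
    entry = {
        "seq": len(log),
        "prev_hash": prev_hash,
        "decision_hash": canonical_hash(decision),  # signal set + policy version + rationale
        "decision": decision,
    }
    entry["entry_hash"] = canonical_hash({k: v for k, v in entry.items() if k != "entry_hash"})
    log.append(entry)
    return entry


def verify_chain(log: list, expected_head: Optional[str] = None) -> Tuple[bool, Optional[int]]:
    """Return (ok, index of first bad entry). Dropping the newest entries is only caught
    when the last known head hash is supplied from a record kept outside the log."""
    prev = GENESIS_HASH
    for i, entry in enumerate(log):
        body = {k: v for k, v in entry.items() if k != "entry_hash"}
        if (entry["seq"] != i or entry["prev_hash"] != prev
                or entry["decision_hash"] != canonical_hash(entry["decision"])
                or entry["entry_hash"] != canonical_hash(body)):
            return False, i
        prev = entry["entry_hash"]
    if expected_head is not None and prev != expected_head:
        return False, len(log)
    return True, None


def demo() -> dict:
    """Build a two-entry log from constructed decisions, then tamper with it."""
    log = []
    append_entry(log, {"signals": {"dti": 0.31, "fico": 712}, "policy_version": "v3", "rationale": "approve"})
    append_entry(log, {"signals": {"dti": 0.52, "fico": 640}, "policy_version": "v3", "rationale": "decline"})
    head = log[-1]["entry_hash"]                  # head hash as it would be recorded externally
    intact = verify_chain(log, head)
    log[0]["decision"]["rationale"] = "decline"   # edit an old rationale in place
    tampered = verify_chain(log, head)
    log[0]["decision"]["rationale"] = "approve"   # restore, then drop the newest entry
    truncated = (verify_chain(log[:-1]), verify_chain(log[:-1], head))
    return {"intact": intact, "tampered": tampered, "truncated": truncated}
```

Without an externally held head hash, a truncated chain still verifies, so the latest entry hash should be signed or stored outside the log to make the "no deletes" property checkable.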

SHA-256 Lineage Hashing

Every synthetic data batch in Prudenze Sandbox is lineage-hashed. The provenance of every data record is traceable. No real customer data is ever used in model training or testing.

0 bits of customer data leave your perimeter in any Prudenze deployment.

This is not a configuration option. It is an architectural guarantee.

IDENTITY

Every actor. Every action. Governed.

Microsoft Entra ID SSO

Multi-tenant OAuth 2.0 / PKCE. Any bank's Microsoft accounts authenticate without configuration changes. Federation to the bank's own Entra ID tenant is available.

Email OTP MFA

Six-digit time-limited OTP delivered via secure email for every login — including SSO logins. Two-factor by default. No exceptions.

AI Agent API Key Governance

Every AI agent is registered with a SHA-256-hashed API key, a role assignment, and a permitted actions list. Keys are revocable instantly across all modules. Every agent action is logged.

Platform JWT — One Token

After authentication, a signed platform JWT carries tenant_id, user_id, role, and licensed modules. Every module validates this token. One login. One session. One revocation point.

REGULATORY

Built for the frameworks examiners use.

  • FFIEC AI Guidance
  • Basel IV
  • DORA
  • BSA / AML
  • GLBA

PRUDENZE does not interpret regulatory frameworks for you. It produces the cryptographic evidence those frameworks require — signed decisions, hash-chained audit trails, reproducible rationale — so that when the examiner asks, you have the answer before the question finishes.

COMPLIANCE STATUS

SOC 2 Type II

PRUDENZE has completed SOC 2 Type II examination covering Security, Availability, and Confidentiality trust service criteria. The report is available to qualified prospects under NDA. Contact us to request a copy.

SECURITY RESEARCH

Responsible Disclosure

If you have identified a potential security vulnerability in PRUDENZE, we want to know. We commit to acknowledging your report within 48 hours and providing a resolution timeline within 10 business days. We will not take legal action against researchers acting in good faith.

security@prudenze.com

Scope

  • All prudenze.com subdomains
  • All PRUDENZE module applications
  • API endpoints and edge functions
  • Authentication and session handling
  • Data handling and storage logic

Out of scope

  • Social engineering attacks
  • Physical security
  • Third-party services not controlled by Prudenze