Private AI builds software in a security conscious manner. This page will give some insight into the processes and measures the engineering team engages in.
Private AI follows security best practices and engages in development processes including regular vulnerability assessments at the code, application and container levels and remediates them according to the SLAs below.
If you have any questions about our processes, feel free to reach out to the team!
The Private AI container is built on an even slimmer slim image to minimize unnecessary dependencies which reduces the container size as well as exposure to dependency vulnerabilities.
Private AI addresses security issues within the following SLA: Based on the CVSS v3.0 rating system
- Critical: Within 48 hours of CVE publication
- High: Within 2 weeks of CVE publication
- Medium and under: Within 1 month of CVE publication
Private AI is currently NOT SOC 2 or ISO 27001 certified as we do not store any user or customer data beyond contact and billing details.
Yes! Using Private AI is SOC 2 and ISO 27001 compliant because we deploy on-prem and we don't retain any data processed.