Security posture

Security built around local control.

VeriBrain is designed for organizations that need local data custody, clear audit trails, and explicit network boundaries. We align with OWASP-minded principles: least privilege, secure-by-default settings, and transparent data handling.

Local-first data boundary

Documents stay on-device in local workspaces. Network calls are disabled by default and only enabled through explicit user actions.

Citations as audit trail

Responses are anchored to source passages with hash-verified references, so reviewers can trace each claim back to the exact passage that supports it and detect whether that passage has changed since the response was generated.
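To show what a hash-verified citation check looks like in practice, here is an added example that is not VeriBrain's code: the citation format (document id, passage index, SHA-256 of the normalized passage text), the constructed sample workspace, and the function names are all assumptions made for illustration.

```python
import hashlib
import hmac

# Constructed sample workspace (not real VeriBrain data): document id -> ordered passages.
WORKSPACE = {
    "policy.txt": [
        "Network calls are disabled by default.",
        "Keys are stored in the OS credential vault.",
    ],
}

def passage_hash(text: str) -> str:
    """SHA-256 over whitespace-normalized text so cosmetic reflows don't break verification."""
    normalized = " ".join(text.split())
    return hashlib.sha256(normalized.encode("utf-8")).hexdigest()

def make_citation(doc_id: str, index: int, workspace: dict = WORKSPACE) -> dict:
    """Produce a citation record binding a claim to one passage by content hash."""
    return {"doc": doc_id, "passage": index, "sha256": passage_hash(workspace[doc_id][index])}

def verify_citation(citation: dict, workspace: dict = WORKSPACE) -> bool:
    """True only if the cited passage exists and its current hash matches the citation."""
    passages = workspace.get(citation.get("doc"), [])
    idx = citation.get("passage")
    if not isinstance(idx, int) or not 0 <= idx < len(passages):
        return False  # dangling reference: document or passage no longer present
    expected = passage_hash(passages[idx])
    # Constant-time comparison; the stored hash is untrusted input to this check.
    return hmac.compare_digest(expected, str(citation.get("sha256", "")))

def unverified_claims(response: list, workspace: dict = WORKSPACE) -> list:
    """Return the claim texts whose citations fail verification; empty list means fully verified."""
    return [c["text"] for c in response
            if not all(verify_citation(cit, workspace) for cit in c.get("citations", []))]

if __name__ == "__main__":
    response = [
        {"text": "Networking is off unless enabled.", "citations": [make_citation("policy.txt", 0)]},
        {"text": "Keys live in the OS vault.", "citations": [make_citation("policy.txt", 1)]},
    ]
    print("unverified:", unverified_claims(response))  # fully verified against the live workspace
    # Simulate the source document being edited after the response was produced.
    edited = {"policy.txt": ["Network calls are enabled by default.", WORKSPACE["policy.txt"][1]]}
    print("unverified after edit:", unverified_claims(response, edited))
```

A reviewer runs the same check against the current workspace; any claim whose source passage was altered or removed shows up as unverified instead of silently passing.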

Key storage guidance

Online mode uses customer-controlled API keys stored in OS-secured credential vaults. Keys never ship to our servers.

Controlled logging

Logging is local and minimal by default. Sensitive payloads are kept out of the logs, and logs can be cleared with one action.

OWASP-minded safeguards

  • Least-privilege access and local-only defaults.
  • Clear separation between local chat and online chat.
  • Explicit user confirmation before external calls.
  • Defense against prompt injection through source-bound responses.

Wipe and retention controls

  • "Delete everything" option removes local workspaces, indexes, and logs.
  • Export controls for audits and retention policies.
  • Clear indicators of what lives locally vs. what is shared online.

Security is a shared responsibility

VeriBrain provides tools for secure operation, but customers remain responsible for device security, access controls, and compliance requirements.