Security

Security at the Execution Layer

DriftGate enforces identity, policy, and data boundaries inline between agents and the systems they can affect.

  • Inline enforcement (Edge → Control Plane)
  • Immutable audit + evidence bundles
  • Zero-trust access model
  • Latency overhead is workload-dependent and validated during architecture review

Threat Model

DriftGate is designed to reduce execution-layer risk where agent decisions can trigger real system mutations.

Prompt injection leading to unauthorized tool actions

Risk: Injected instructions attempt to execute tools outside intended policy.

  • Policy Engine evaluates requested tool and scope before execution.
  • Risk Engine can escalate to approval for high-risk routes.
  • Allowlist and denylist controls block disallowed connectors.

Privilege escalation (agent to admin capabilities)

Risk: An agent attempts to use permissions beyond assigned role boundaries.

  • RBAC and scoped service identities constrain route access.
  • Least-privilege tool scopes are enforced per execution.
  • Approval policies can require human authorization for privileged actions.

Token theft and session hijacking

Risk: Compromised credentials are replayed to issue unauthorized executions.

  • Short-lived signed execution tokens reduce credential lifetime.
  • Execution Context checks bind tokens to route and session constraints.
  • Audit lineage tracks anomalous actor and token behavior.

Replay attacks using signed requests

Risk: Previously valid requests are re-submitted to repeat sensitive operations.

  • Execution IDs and request signatures enforce freshness checks.
  • Risk Engine flags repeated payload patterns across time windows.
  • Rate limiting and replay detection policies block duplicate mutation attempts.
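The token binding and freshness checks described under the two risks above, as an added example in Python (not DriftGate's own code): the token format, claim names, shared HMAC key and in-memory execution-ID store are assumptions made for illustration.

```python
# Added example (not DriftGate code): a minimal verifier for a short-lived
# execution token bound to actor, route and session, plus an execution-ID
# freshness check that rejects re-submitted signed requests.
# Token format, claim names and the shared key are assumptions.
import base64, hashlib, hmac, json, time

SECRET = b"constructed-demo-key"   # constructed; real deployments use managed keys
TOKEN_TTL = 60                     # seconds; short lifetime limits stolen-token reuse

def issue_token(actor, route, session, execution_id, now=None):
    """Mint a token whose claims bind it to one actor, route, session and execution."""
    now = int(time.time()) if now is None else now
    claims = {"act": actor, "route": route, "sess": session,
              "exec": execution_id, "iat": now, "exp": now + TOKEN_TTL}
    body = base64.urlsafe_b64encode(json.dumps(claims, sort_keys=True).encode())
    sig = hmac.new(SECRET, body, hashlib.sha256).hexdigest()
    return body.decode() + "." + sig

class ExecutionContext:
    """Verifies tokens and remembers spent execution IDs to detect replay."""
    def __init__(self):
        self.seen = set()

    def verify(self, token, route, session, now=None):
        now = int(time.time()) if now is None else now
        try:
            body, sig = token.split(".", 1)
        except ValueError:
            return "block:malformed"
        expected = hmac.new(SECRET, body.encode(), hashlib.sha256).hexdigest()
        if not hmac.compare_digest(sig, expected):     # constant-time comparison
            return "block:bad_signature"
        claims = json.loads(base64.urlsafe_b64decode(body))
        if now >= claims["exp"]:
            return "block:expired"
        if claims["route"] != route or claims["sess"] != session:
            return "block:context_mismatch"             # valid token, wrong route/session
        if claims["exec"] in self.seen:
            return "block:replay"                        # same signed request seen before
        self.seen.add(claims["exec"])
        return "allow"
```

Each non-allow outcome carries a reason string so that the verdict can be written to audit evidence as-is.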

Data exfiltration (PII or secret leakage)

Risk: Agent outputs or tool responses expose regulated or sensitive data.

  • Data Boundary policies inspect and redact sensitive fields inline.
  • PII detection and secret masking are evaluated before egress.
  • Blocked and redacted events are preserved in audit evidence.

Lateral movement via connectors

Risk: Compromised workflow traverses connectors to unrelated systems.

  • Route controls isolate execution paths by environment and role.
  • Connector scopes are constrained per tool integration.
  • Metering and lineage surface unusual cross-system access patterns.

Policy bypass attempts (direct tool calls)

Risk: Workloads attempt to invoke downstream systems outside governance paths.

  • Edge deployment (SDK, Proxy, or Sidecar) keeps enforcement inline.
  • Signed execution flow rejects unmanaged calls without valid context.
  • Audit and evidence exports capture bypass attempts for incident review.

Architecture & Trust Boundaries

Security posture depends on where decisions are evaluated, where metadata is retained, and how boundaries are enforced between customer infrastructure and DriftGate services.

Customer Environment: Agents + Tools + Systems
  → DriftGate Edge: SDK / Proxy / Sidecar (inline)
    → DriftGate Control Plane: Policy Engine • Risk Engine • Router • Data Boundaries • Audit/Evidence • Lineage

Inline decisions: allow, block, redact, rate-limit, approval
Every decision emits audit evidence and metering

Inline evaluation uses execution context, actor identity, route, and requested tool/model action before downstream calls execute.

Control Plane stores decision metadata, policy lineage, risk verdicts, approvals, and metering records for evidence and reporting.

Deployment model options (SaaS, hybrid, customer-managed) are finalized per architecture review and deployment profile.

Core Controls

Identity & Access

  • Role-based access control (RBAC) for users, services, and operational roles.
  • SSO/SAML integrations for identity-provider backed authentication flows where configured.
  • SCIM provisioning support for lifecycle management in supported deployment profiles.
  • Signed execution context tokens at the execution layer.
  • Least-privilege enforcement at tool and scope level.

Policy Enforcement

  • Policy-as-code evaluation inline in Edge and Control Plane pathways.
  • Approval gates for high-risk actions before mutation.
  • Route and session controls tied to explicit execution context.
  • Deterministic outcomes: allow, block, redact, rate-limit, approval.
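One way an inline policy check can produce the five deterministic verdicts listed above, together with the allowlist/denylist, risk-escalation and redaction behaviour from the threat model and the deny-by-default fallback mentioned under Reliability & Performance, as an added Python example (not DriftGate's own code): the policy shape, field names, thresholds and redaction pattern are assumptions made for illustration.

```python
# Added example (not DriftGate code): a small policy-as-code evaluator that
# returns exactly one verdict per request and records evidence for each.
# Policy shape, thresholds and the redaction pattern are assumptions.
import re
from collections import defaultdict

POLICY = {   # constructed sample policy
    "allow_tools": {"crm.read", "crm.update", "ticket.create"},
    "deny_tools": {"shell.exec"},
    "approval_above_risk": 70,          # Risk Engine escalation threshold
    "rate_limit_per_window": 3,         # executions per actor per window
    "redact_patterns": [r"\b\d{3}-\d{2}-\d{4}\b"],   # SSN-like field, constructed
    "fallback": "block",                # verdict when the Control Plane is unreachable
}

class PolicyEngine:
    def __init__(self, policy, control_plane_up=True):
        self.policy = policy
        self.up = control_plane_up
        self.counts = defaultdict(int)
        self.audit = []                 # every decision emits an evidence record

    def evaluate(self, actor, tool, risk, payload):
        verdict, out = self._decide(actor, tool, risk, payload)
        self.audit.append({"actor": actor, "tool": tool, "risk": risk, "verdict": verdict})
        return verdict, out

    def _decide(self, actor, tool, risk, payload):
        p = self.policy
        if not self.up:                                  # explicit fallback, deny-by-default
            return p["fallback"], None
        if tool in p["deny_tools"] or tool not in p["allow_tools"]:
            return "block", None                         # connector outside allowlist/denylist
        if risk >= p["approval_above_risk"]:
            return "approval", None                      # human authorization required
        self.counts[actor] += 1
        if self.counts[actor] > p["rate_limit_per_window"]:
            return "rate-limit", None
        redacted = payload
        for pat in p["redact_patterns"]:
            redacted = re.sub(pat, "[REDACTED]", redacted)
        if redacted != payload:
            return "redact", redacted                    # data boundary applied inline
        return "allow", payload
```

The check order is fixed, so the same request context always yields the same verdict, which is what makes the evidence record reproducible.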

Data Protection

  • Data Boundary rules for routing and residency-aligned policy paths.
  • PII detection and redaction policies before external execution.
  • Secret masking in logs, evidence output, and operational views.
  • Allowlist and denylist controls for tools and scopes.

Network & Platform Security

  • TLS in transit for control-plane and edge-to-service communication.
  • Multi-tenant isolation controls with scoped execution context.
  • Rate limits and abuse protections for high-velocity execution patterns.
  • Signed request verification between Edge and Control Plane components.

Audit, Evidence, and Forensics

  • Audit logs across policy, risk, approval, and execution outcomes.
  • Evidence bundles for incident response and audit preparation.
  • Decision lineage traces and replay context for supported routes.
  • Export feeds plus JSON/CSV evidence outputs for external reporting.

Reliability & Performance

Latency impact for inline enforcement is measured per deployment profile and validated in staging before production cutover.

Deployment topology is documented per environment, including single-region or multi-region posture where required.

If Control Plane connectivity is interrupted, fallback verdict behavior is explicit per route policy (including deny-by-default options).

Audit and metering delivery paths are monitored and validated during deployment readiness checks.

Compliance & Evidence

Control mappings and evidence exports are available for customer security review. Framework alignment depends on customer deployment, policy configuration, and control operation. Security and procurement teams should validate control mappings against their own framework obligations.

DriftGate can generate audit evidence bundles for incident response, procurement review, and formal audits.

Control area              | Evidence produced
Identity and access       | Authentication events, RBAC changes, SSO/SCIM sync logs, token issuance records.
Policy lifecycle          | Policy version history, validation outcomes, deployment approvals, policy lineage.
Execution controls        | Allow/block/redact/rate-limit verdicts, route/session context, latency and risk scoring.
Data boundary enforcement | Redaction events, boundary policy matches, connector scope checks, egress denials.
Incident and reporting    | Evidence bundles, SIEM export logs, JSON/CSV reports, audit timeline records.

Security documentation

Reporting formats include SIEM-ready feeds and JSON/CSV exports.

Security Contact & Disclosure

We acknowledge reported security issues within two business days.

  • Use the security contact route for vulnerability disclosure and incident coordination.
  • Include reproducible steps, affected route or connector, and observed impact to accelerate triage.
  • Bug bounty programs are discussed during enterprise security review.

Security FAQ