[Trust Center]
Security you can verify.
Cerbera secures other companies' AI, so our own bar is non-negotiable. Here is how we protect your data and the standards we hold ourselves to.
[Posture]
How we protect your data.
Data stays local
Cerbera runs as a transparent proxy on the endpoint. Detection happens locally; we do not store or transmit prompt content by default.
Least privilege
Cerbera deploys and removes via MDM in one click and coexists with your VPN and DNS proxies. No standing access you cannot revoke.
Transparency
You decide whether prompt logs are retained. Configuration and policy are auditable, and nothing is a black box.
Operator-run
Built and operated by Bastion, a managed-security team that runs SOC 2 and ISO 27001 programs day in, day out.
[Compliance]
Standards we align to.
Cerbera inherits Bastion's compliance program, with SOC 2 and ISO 27001 certifications in place and ISO 42001 in progress.
[Documents]
Policies and agreements.
The list of third parties that may process customer data.
Our standard DPA, available on request.
How we handle personal data across the product and site.
[Report a vulnerability]
Found something? Tell us.
We welcome responsible disclosure. Reach our security team directly and we will respond quickly.
security@cerbera.ai