The flight recorder for AI agents
Security
How AgentBlackBox is built to protect your data and provide trustworthy audit evidence.
Tenant isolation
AgentBlackBox is multi-tenant. Every record — work units, events, approvals, policies, agents, connectors, audit entries — is scoped to a single organization. Requests are resolved to the caller's organization and a request for another organization's resource resolves as not found. Provisioning and SCIM tokens are issued per organization.
Role-based access control
Access is governed by organization roles (Owner, Admin, Member) plus designated approver membership. Administrative configuration (billing, SSO/SCIM, retention, API keys, governance) requires an Owner or Admin role; sensitive actions are least-privilege by default and refused for insufficient roles.
Tamper-evident audit logging
Agent and approval activity is recorded as a hash-chained event log: each event is SHA-256 hashed and linked to the previous one, so any edit, insertion, or deletion breaks the chain and is detectable. The chain is periodically summarized into signed checkpoints, with optional external timestamp anchoring for independent existence proofs.
Single sign-on & user lifecycle
- OIDC single sign-on for organization login.
- SCIM 2.0 user provisioning and deprovisioning, so joiners and leavers are reflected automatically by your identity provider.
- Deactivated users are refused login (both password and SSO paths).
Signed, verifiable exports
Audit and compliance exports are signed with HMAC-SHA256 over a canonical representation, so a recipient can independently verify the export was produced by AgentBlackBox and has not been altered.
Fail-closed defaults
Security-relevant controls fail closed: when a control is misconfigured or a credential is missing, the system denies rather than silently allowing. Enterprise capabilities are off-by-default and only operate once an administrator explicitly configures them.
Secret handling
- Connector credentials and integration secrets are encrypted at rest.
- API keys and provisioning tokens are shown once at creation and stored only as hashes; the raw value is never returned by the API afterward.
- Configuration endpoints expose only whether a secret is set — never its value.
Data handling & deletion
Organizations control retention windows and can place records under legal hold. Data-subject access (export) and erasure are supported; erasure redacts personal data while preserving the integrity of the tamper-evident audit chain. Destructive operations require explicit administrator authorization.
Responsible disclosure
We welcome reports of suspected vulnerabilities. Please contact SAMTOSAINC@GMAIL.COM with a description and reproduction steps, and allow a reasonable period for remediation before public disclosure. Please do not access, modify, or exfiltrate data that is not yours while testing.
What we do not claim
This page describes how the product is built. AgentBlackBox does not claim any third-party security certification, regulatory approval, or independent audit unless and until such an attestation has been completed and is published with its report. Statements here are descriptive, not a warranty or a guarantee.