/>

Your company. Your keys. Your control.

Lucidrail runs autonomous agents, so the controls around them matter as much as the agents themselves. This page describes exactly what protects your data and your work today — and, just as plainly, what we are still building.

The controls that ship today

Frequently asked questions

Where does my data live, and can I self-host?

Your choice. Run Lucidrail on your own infrastructure so agents, backlog and credentials never leave your network, or use our managed cloud. Either way, you bring your own model keys.

How are credentials and secrets protected?

Stored secrets are sealed with AES-256-GCM, and API keys, tokens and credentials are masked before anything is written to logs or activity.

Can you produce evidence for an audit?

Yes. The controls that govern your agents are mapped to ISO 42001 and the OWASP Agentic Top-10, and the platform generates evidence from the live system — a Statement of Applicability, per-agent fact sheets and AI impact assessments, and an internal-audit record.

Are you SOC 2, HIPAA or FedRAMP certified?

We're plain about this: we map controls to ISO 42001 and the OWASP Agentic Top-10 today, SOC 2 is in progress, and HIPAA and FedRAMP are on the roadmap. We don't claim a certification we don't hold.

Lucidrail home · Security