Cleared at the surface that matters.

A real-world security profile for procurement officers, security officers, and ATO authorizers vetting Tribalogix before a pilot. Skip the marketing — this page is for the people whose job is to find what we missed.

Compliance posture

CAGE Code

20GE7 (active)

SPRS

Submitted, score current as of 2026-04

NIST SP 800-171

R3 controls implemented; SSP + POA&M maintained

CMMC

Level 1 cleared · Level 2 self-assessment scheduled Q3 2026

ITAR

Clear — no foreign data residency, no foreign personnel

EAR / OFAC

Compliance program active; export classification on platform release

FedRAMP

Moderate authorization targeted for hosted offering — H1 2027

AS9100D-aware

Platform recognizes and reasons over AS9100 cert posture; we are not AS9100D-certified ourselves (not applicable)

Trusted Foundry / DMEA

Awareness only; not applicable to a software-only deployment

Data residency

All Tribalogix-operated infrastructure is hosted in the continental United States. We use no foreign cloud regions, no foreign content delivery edges, and no foreign-incorporated subprocessors. Customer-deployed instances run in your enclave — air-gap appliance, your AWS GovCloud, your Azure Government, or on-premise — your choice.

Three deployment topologies

• Air-gap appliance — sealed hardware delivered to your facility. No outbound network. Updates by signed-USB or scheduled site visit. ITAR-clear by construction. Fits SCIF deployments.
• Customer-controlled cloud — Terraform module deploys into your AWS GovCloud or Azure Government tenancy. We have no access. You hold the keys.
• Hosted (evaluation only, today) — US-region only, customer-isolated logical tenant, storage-tier encryption-at-rest provided by the underlying cloud provider. Used for unsigned 14-day pilots so you can evaluate before procuring infrastructure. Customer-managed KMS keys apply to the customer-controlled-cloud and air-gap deployment paths, not to the shared evaluation tier.

AI / inference posture

• Local inference only — when natural-language interface is enabled, inference runs inside your enclave on CPU or local GPU. No outbound calls, no telemetry, no model phone-home. The exact engine is configurable per deployment and disclosed under NDA.
• No OpenAI, no Anthropic API, no Google Gemini, no AWS Bedrock. The platform was engineered defense-first; cloud LLM dependencies were never introduced. This is enforced in code — playbooks referencing external endpoints are rejected by the validator, and a CI scanner blocks reintroduction at PR time.
• No fine-tuning on customer data. Your queries are inference inputs only — never logged off-host, never persisted to our infrastructure, never used to update any model.
• Decisions are auditable code, not model output. Every supplier recommendation has a reproducible explanation trace (filter rules, CAGE matches, qualification cross-reference). The natural-language layer phrases verdicts; it does not vote on them.

Cryptography

• At rest — AES-256-GCM (FIPS-approved algorithm per FIPS 197) for application-layer field encryption of sensitive data including MFA secrets and document blobs. Storage-tier encryption-at-rest is inherited from the underlying cloud provider. FIPS-mode runtime provider enablement is in flight; the algorithms in use today are FIPS-approved but the host process is not yet booted with a FIPS 140-3-validated module loaded. Customer-managed KMS keys are supported on the customer-controlled-cloud and air-gap deployment paths where the customer holds and rotates the master key.
• In transit — TLS 1.3, modern cipher suites only. Public site forces HSTS with 1-year max-age and preload.
• Inter-service — mTLS between platform components in customer-controlled cloud and hosted topologies. Air-gap appliance uses a single signed binary, no inter-host traffic.
• Supply chain integrity — release artifacts are signed. Each platform build emits an SLSA-3 provenance record and an SBOM (CycloneDX). We will share both under NDA.

Identity and access

• SAML 2.0 SSO via your IdP (Okta, Azure AD/Entra, Ping). No password-based access to production deployments.
• Hardware-backed keys (FIDO2 / PIV / YubiKey) supported and recommended for privileged operators.
• Role-based access control with least-privilege defaults. Privileged actions (model swap, classifier override, supplier-data import) require a second-operator approval in production tier.
• Session lifetime, re-auth cadence, and inactivity timeout configurable per deployment to match your STIG.

Audit logging

• Every authoritative action — query, supplier match, classifier verdict, configuration change, login — emits an append-only audit record with operator identity, timestamp, request hash, and verdict.
• Audit records are signed and tamper-evident. The platform exposes a verifier that re-hashes the chain on demand.
• Retention default 13 months online plus 7 years cold; configurable to your record-keeping policy.
• Audit export is push-based to your SIEM (Splunk, Elastic, Sentinel) over the customer’s preferred transport.

Supplier data integrity

Every supplier record resolves to a verifiable, authoritative identity of record with a traceable public history. Nothing in the database is private to any company, and nothing is scraped from the open web or purchased from commercial data brokers.

Qualification and compliance attributes — AS9100, NADCAP, ITAR/USML applicability, CMMC posture — are validated against authoritative registries, not inferred from free text, and the dataset is kept current on a continuous refresh cycle. The ingestion pipeline, normalization schema, classifier, and scoring model are proprietary.

Incident response

• 24/7 incident reception via [email protected]. PGP key on request.
• Confirmed customer-impacting incidents are disclosed to affected parties within 72 hours of confirmation, with description, scope, time-of-detection, and immediate countermeasures.
• Post-incident: signed root-cause document within 14 days, including the corrective action plan and a regression test added to CI.
• We support customer-led tabletop exercises during evaluation pilots and annually thereafter for production engagements.

Coordinated disclosure

Researchers and defenders are welcome to report suspected vulnerabilities to [email protected]. We respond within 48 hours, validate within 7 business days, and ship a fix according to severity. We do not pursue legal action against good-faith researchers who follow this disclosure policy. Hall-of-fame attribution available on request.

Penetration testing

• External third-party penetration test scheduled annually; first engagement Q3 2026. Reports shareable under NDA.
• Continuous SAST and dependency scanning in CI; no critical CVEs released to production unfixed.
• Customer-led penetration testing of customer-controlled deployments is permitted and welcomed; coordinate scope with us beforehand so we don’t alert on your testing.

Personnel

All personnel with platform access are U.S. persons as defined in 22 CFR § 120.62. Background checks performed by Sterling on hire; refreshed every 36 months for personnel with privileged production access. Insider-threat awareness training annually.

Roadmap visible to customers

• Q3 2026 — CMMC Level 2 self-assessment closure; first external pen test report shareable under NDA; FIPS-mode runtime provider enablement across the hosted tier (so the platform loads at boot with a FIPS 140-3-validated module, not merely FIPS-approved algorithms).
• Q4 2026 — Customer-led continuous monitoring (CDM) integration for production deployments; FedRAMP Moderate readiness assessment.
• 2027 — FedRAMP Moderate authorization for the hosted offering. CMMC Level 3 evaluation.

Security contact

General security

[email protected]

Coordinated disclosure

[email protected]

Privacy requests

[email protected]

PGP key

On request — sent via signed reply-all

Response window

Within 48 hours · 24/7 acknowledgement