Security · residency · deployment

Your data stays where it lives. We bring the model to you.

Myelos is designed to deploy inside your cloud account — no data egress to a shared multi-tenant service.

Security principles

How Myelos is being built. Formal certifications are tracked separately; ask us for the current posture.

🏠

In-tenant deployment

The model and its data plane run inside your AWS, Azure, or GCP account. We do not operate a Myelos-managed data plane that holds your operational data.

🔑

Customer-managed keys

Bring your own KMS. The system is designed so we do not hold a key that can decrypt your production data.

📜

Signed audit trail

Every agent action is signed, timestamped, and exportable to your SIEM — designed for after-the-fact auditability.

🛂

Policy-scoped agents

Every Neuron Agent runs inside an explicit policy sandbox. You define what it can read, what it can propose, and what it can execute.

🛜

Network egress controls

Outbound network access is opt-in per agent and per source. Egress events are logged.

🧾

Audit and compliance support

Documentation, deployment Terraform, and review materials available to support your SOC 2, ISO, GDPR, or sector-specific audits. Status of any specific certification is shared on request.

Security FAQ

Where does the model run?

Inside your cloud account. The intended deployment is via Terraform or your existing IaC pipeline; your team keeps root.

Do agents have internet access?

Only what you authorize per agent. Outbound access is policy-controlled and every egress event is logged.

How do you handle PII?

Myelos does not ingest PII by default. Source-side tokenization is supported for sensitive columns.

What certifications do you hold?

We share our current certification status and audit reports under MNDA. Email us at hello@myelos.io and we can walk you through the posture.