Security

Security commitments for Aureuma-operated systems.

Updated: February 18, 2026. Aureuma applies defense-in-depth controls for identity, runtime isolation, and operational auditability.

Core controls

Least privilege

Execution contexts and credentials stay intentionally narrow.

Encrypted secrets

Secret handling follows vault-first workflows and bounded access paths.

Operational auditability

Workflow and release execution remain reviewable after the fact.

Aureuma AI applies defense-in-depth controls for identity, runtime isolation, and operational auditability.

Controls

  • Least-privilege credentials and scoped execution contexts.
  • Encrypted secret handling through vault-first workflows.
  • Operational logging for workflow and release execution.

Incident disclosure

Report vulnerabilities to [email protected]. Include reproduction steps, scope, and impact details where possible.