Security

Security controls designed for production AI traffic

Data handling, retention boundaries, audit traceability, and access isolation built for enterprise governance.

  • Audit-first logging
  • Retention controls
  • Policy enforcement at the edge

Logging policy at a glance

Category                | Default behavior
We log (default)        | request id, timestamp, route decision, latency, token counts, policy outcome
We never log (default)  | raw prompts/responses, provider keys, unmasked PII (when redaction enabled)

Data flow

Client → Sentinel Primo → Providers

Diagram labels: Policy runs here; Redaction before storage; Retention applied here.

Defaults vs configurable

  • Default: do not store raw prompts/responses.
  • Configurable: retain metadata logs by environment policy.
  • Planned: expanded payload diagnostics for approved workflows only.

Security roadmap

Planned controls

  • Planned: SSO integrations (SAML/OIDC)
  • Planned: granular RBAC policy editor
  • Planned: custom key management integrations

Roadmap items are directional and may change.

Security FAQ

Do you store raw prompts and responses by default?

No. Sentinel Primo focuses on metadata-first observability and configurable retention policy.

Can we enforce PII redaction before provider calls?

Yes. Redact and block actions are evaluated in policy before routing to external providers.

How is retention controlled?

Retention can be configured by environment and workspace with audit history preserved.

How are provider keys protected?

Keys are managed server-side and scoped by project boundaries to reduce lateral exposure.

Are roadmap security features clearly marked?

Yes. Planned controls are marked as planned and not represented as currently available.

Bring governance to every model request

Review architecture fit, policy posture, and rollout sequencing with the Sentinel Primo team.