Security & Trust
AI SENTINEL is built for organizations that manage sensitive AI governance data. Security is embedded in every layer of the platform — from how we isolate your data to how we control access and protect your information.
Data Isolation
Every organization on AI SENTINEL operates in a fully isolated environment. Your AI systems, assessments, policies, incidents, and vendor data are never accessible to other organizations.
Organization-Scoped Queries
Every database query is automatically scoped to your organization. There is no way to access another organization's data through the application.
Verified Membership
Before any operation, we verify that the requesting user is an active member of the organization. Membership is checked on every single request.
Cross-Tenant Protection
Operations that reference related entities (e.g., linking a policy to an AI system) verify that both entities belong to your organization.
Shared Reference Data Only
Only non-sensitive reference data (compliance frameworks, assessment templates) is shared across organizations. Your governance data is never shared.
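The membership check, organization-scoped query, and cross-tenant check described above can be sketched as follows. This is an added example, not AI SENTINEL's own code: the schema, table names, and function names are hypothetical, and SQLite stands in for the real database.

```python
import sqlite3

# Constructed schema and rows for illustration; all names are hypothetical.
SCHEMA = """
CREATE TABLE memberships (user_id TEXT, org_id TEXT, active INTEGER);
CREATE TABLE policies   (id TEXT PRIMARY KEY, org_id TEXT);
CREATE TABLE ai_systems (id TEXT PRIMARY KEY, org_id TEXT);
CREATE TABLE policy_links (org_id TEXT, policy_id TEXT, system_id TEXT);
INSERT INTO memberships VALUES ('alice','org-a',1), ('bob','org-a',0), ('carol','org-b',1);
INSERT INTO policies   VALUES ('pol-a','org-a'), ('pol-b','org-b');
INSERT INTO ai_systems VALUES ('sys-a','org-a'), ('sys-b','org-b');
"""

def make_db():
    conn = sqlite3.connect(":memory:")
    conn.executescript(SCHEMA)
    return conn

def require_member(conn, user_id, org_id):
    """Reject the request unless the user is an active member of the org."""
    row = conn.execute(
        "SELECT 1 FROM memberships WHERE user_id = ? AND org_id = ? AND active = 1",
        (user_id, org_id)).fetchone()
    if row is None:
        raise PermissionError("not an active member of this organization")

def owned_by(conn, table, entity_id, org_id):
    """True only if the entity exists AND belongs to org_id."""
    if table not in ("policies", "ai_systems"):  # table names cannot be bound
        raise ValueError("unknown table")
    return conn.execute(
        f"SELECT 1 FROM {table} WHERE id = ? AND org_id = ?",
        (entity_id, org_id)).fetchone() is not None

def link_policy(conn, user_id, org_id, policy_id, system_id):
    require_member(conn, user_id, org_id)
    # Check both sides of the relation. A foreign id fails the same way as a
    # missing one, so the error does not reveal another tenant's records.
    if not (owned_by(conn, "policies", policy_id, org_id)
            and owned_by(conn, "ai_systems", system_id, org_id)):
        raise LookupError("policy or AI system not found")
    conn.execute("INSERT INTO policy_links VALUES (?, ?, ?)",
                 (org_id, policy_id, system_id))
    return True
```

A regression test for this control should attempt the link with one entity from another organization on each side of the relation, since checking only one side is the common failure.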
Access Control
AI SENTINEL enforces role-based access control (RBAC) across the entire platform. Every action is checked against your role before it is executed.
Read-Only Enforcement
Viewers have guaranteed read-only access. All write operations are blocked at the server level, not just the UI — preventing unauthorized modifications even through API calls.
Elevated Permissions
Sensitive operations like approving assessments, publishing policies, and making oversight decisions require AI Officer, Admin, or Owner roles.
Authentication
We support industry-standard authentication methods with additional hardening for production environments.
Google OAuth
Enterprise SSO via Google with OAuth 2.0
Magic Link
Passwordless email authentication for secure sign-in
Cross-Platform SSO
Single sign-on across the TODO.LAW platform
Session Security
- HTTP-only cookies prevent client-side access to session tokens
- Secure cookie flag enforced in production (HTTPS only)
- CSRF protection on all authenticated requests
- SameSite cookie policy prevents cross-site request forgery
Input Validation
All user inputs are validated on the server before reaching business logic. This protects against injection attacks and ensures data integrity.
Schema Validation
Every API input is validated against a strict schema. Invalid data is rejected before it reaches the database.
Parameterized Queries
All database queries use parameterized inputs. Raw SQL is never used, eliminating SQL injection risk.
Enum Enforcement
Status fields, risk levels, and categories use strict enum validation. Only predefined values are accepted.
Audit Trail
Every create, update, delete, and significant business operation is logged to an immutable audit trail. This supports compliance requirements and provides a complete record of governance activities.
What We Log
- AI system lifecycle changes
- Risk classification decisions
- Assessment submissions and approvals
- Oversight decisions
- Policy changes and publications
- Incident management actions
- Organization membership changes
Retention
Audit records are preserved even if the associated user or organization is deleted. This ensures your compliance history remains intact regardless of personnel changes.
Transport & Infrastructure
Your data is protected in transit and at rest through industry-standard security measures.
HTTPS Everywhere
All connections are encrypted with TLS. HSTS headers ensure browsers always use secure connections.
Clickjacking Protection
Security headers prevent the application from being embedded in frames on other sites.
Content Security
MIME-type sniffing prevention and strict referrer policies protect against content-based attacks.
Minimal Permissions
Browser APIs (camera, microphone, geolocation) are explicitly disabled — the application never requests unnecessary access.
API Security
All API endpoints require authentication. External integrations use signature verification and token-based authentication.
Endpoint Protection
Every governance API endpoint requires an authenticated session with verified organization membership. Unauthenticated requests are rejected.
Webhook Verification
Payment and integration webhooks use cryptographic signature verification. Unverified webhooks are discarded before processing.
Security Standards
AI SENTINEL's security controls are designed to address the OWASP Top 10 web application security risks.
Security Contact
If you discover a security vulnerability or have questions about our security practices, please contact us at security@todo.law. We take all reports seriously and will respond promptly.