~/.vektor/vault.enc — AES-256-GCM encrypted, machine-bound to your OS identity. No plaintext credentials on disk.The following table maps the five Trust Service Criteria to concrete controls implemented or in progress. We are currently preparing for SOC 2 Type I audit.
| Control | TSC | Description | Status |
|---|---|---|---|
| CC1.1 | Control Environment | Security policy documented, ownership assigned, annual review cycle established | Implemented |
| CC1.2 | Control Environment | Vendor and third-party risk assessments documented for all external dependencies (npm packages, LLM providers) | In Progress |
| CC6.1 | Logical Access | SSH key-only authentication to production VPS. Password auth disabled. Key stored in encrypted vault. | Implemented |
| CC6.2 | Logical Access | Access review log — record of who has production access, when granted, when last reviewed | Implemented |
| CC6.3 | Logical Access | Offboarding procedure — key revocation and access termination process documented | Implemented |
| CC6.6 | Logical Access | All data at rest encrypted (AES-256-GCM). All data in transit encrypted (TLS 1.2+). Encryption policy written and signed. | Implemented |
| CC7.1 | System Operations | Dependency vulnerability scanning — npm audit runs on every deployment. High/critical findings block deploy. | Implemented |
| CC7.2 | System Operations | Automated timestamped backups before every production deployment. Rollback capability tested and documented. | Implemented |
| CC7.3 | System Operations | Incident response runbook — detection, classification, containment, notification, and post-mortem process | Implemented |
| CC7.4 | System Operations | Structured audit log of all production SSH sessions, deployments, and configuration changes | Implemented |
| CC8.1 | Change Management | All production changes reviewed before deployment. Backup-before-deploy enforced via tooling. Rollback tested. | Implemented |
| CC9.1 | Risk Mitigation | Risk register — identified risks, likelihood/impact ratings, mitigations, and review schedule | Implemented |
| CC9.2 | Risk Mitigation | Business continuity plan — data recovery, service restoration, and communication procedures | In Progress |
| A1.1 | Availability | Uptime monitoring with automated alerting. SLA commitments documented in Terms of Service. | In Progress |
| PI1.1 | Processing Integrity | MAGMA memory pipeline integrity — causal, temporal, and entity graph consistency verified on every write cycle | Implemented |
| C1.1 | Confidentiality | No customer memory data processed or stored on Vektor infrastructure. Confidentiality by architecture. | Implemented |
| P1.1 | Privacy | Privacy notice published. Data handling practices documented. No personal data collected beyond licence email. | Implemented |
vault.enc) uses AES-256-GCM with a machine-derived key. The SQLite memory database is stored on-device. Users may layer full-disk encryption (BitLocker, FileVault, LUKS) for additional protection — VEKTOR does not prevent or interfere with this.npm audit --audit-level=high runs on every production deployment. High or critical findings block the deploy until remediated.package-lock.json committed and verified on install. No floating version ranges in production code.Responsible disclosure
If you discover a security vulnerability in VEKTOR Memory or the Slipstream SDK, please report it to [email protected]. We ask that you give us 90 days to remediate before public disclosure.
We will acknowledge your report within 48 hours, provide an initial assessment within 7 days, and keep you updated on remediation progress. We don't currently offer a formal bug bounty, but we recognise researchers who report valid findings in our release notes.
Incident classification
P0 — Critical: Active exploitation, credential exposure, or data breach. Response begins within 1 hour. All production access locked down immediately.
P1 — High: Unpatched high-severity CVE in a shipped dependency, or authentication bypass. Response within 24 hours.
P2 — Medium: Confirmed vulnerability without known exploit. Patched in next planned release within 30 days.
P3 — Low: Informational findings, hardening opportunities. Addressed in quarterly review cycle.
What a breach at Vektor means for you
Because VEKTOR is local-first with zero cloud memory storage, a compromise of Vektor's own infrastructure cannot expose your memory corpus. The worst case for a Vektor server breach is: exposure of your licence email address and activation timestamp. That's the only data we hold.
Your memories, embeddings, and agent context live entirely on your own infrastructure. They are not reachable from ours.
Notification policy
In the event of a confirmed security incident affecting customer data (i.e., licence account information), we will notify affected customers via their registered email within 72 hours of confirmation, consistent with GDPR Article 33 timelines even where not legally required.
Notifications will include: nature of the incident, data categories affected, steps we've taken, and recommended actions for customers.
Full details in our Privacy Policy.
Can Vektor read my agent memories?
No. Your memories are stored in a SQLite database on your machine or server. Vektor has no network path to that database. We physically cannot read your memories — not by policy, but by architecture.
What happens if I cancel my subscription?
Your memories remain on your machine and are fully accessible without an active licence — the local SQLite database doesn't have a kill switch. You retain ownership of your data regardless of subscription status. The only thing that stops working is the licence validation, which disables the SDK's LLM routing features.
Is VEKTOR GDPR compliant?
For the data we hold (licence email, activation timestamp): yes. We process this data on the legal basis of contract performance. You can request deletion at any time by emailing [email protected] — we will purge your licence record within 30 days, after which your licence key will cease to function.
For your agent memories: GDPR doesn't apply to data we never see. That data is entirely under your control and jurisdiction.
Does VEKTOR work in air-gapped environments?
Partially. The memory layer, embedding computation, and MAGMA graph operations work fully offline. Licence activation requires a one-time internet connection. After initial activation, offline operation is supported for the memory functions. LLM provider calls obviously require connectivity to your provider, but that's outside VEKTOR's scope.
Do you have a SOC 2 report?
We are currently preparing for SOC 2 Type I. We expect to complete the audit in Q3 2026, with Type II observation beginning immediately after. In the meantime, our local-first architecture provides stronger practical security guarantees than a SOC 2 badge on a cloud product — there is no centralised Vektor data store to audit in the first place.
If you have an enterprise procurement requirement for SOC 2 today, contact [email protected] — we can share our in-progress controls documentation and security architecture detail under NDA.
What's your password and secrets policy?
Production access is key-only SSH — no passwords. All API keys and credentials are stored in the cloak_passport encrypted vault, never in plaintext config files or environment files committed to source control. Internal systems use unique credentials per service with no shared passwords.
Security questions? Talk to us.
Enterprise procurement, NDA security reviews, architecture deep-dives — we're happy to go into detail. Or just read the code.