Security
Your data never leaves
the vault.
Zero-trust architecture, isolated execution, and operator-grade auditability for teams that need AI employees to behave like real production systems.
Four layers of defense
Zero-trust gateway
mTLS · RBAC · Rate limiting
Every request is authenticated and authorized. No implicit trust path exists between customer systems and agent runtimes.
Isolated compute
Dedicated VMs · No shared memory
Each agent gets its own sandboxed environment, reducing blast radius and eliminating lateral movement between tenants.
HSM-backed encryption
AES-256 · TLS 1.3 · Key rotation
Credentials stay encrypted in transit and at rest, with managed key rotation and vault-backed storage controls.
Immutable audit trails
Reasoning traces · Exportable logs
Every decision, tool call, and data access is logged for operator review, investigations, and enterprise assurance workflows.
Security FAQ
Can agents access other customers' data?
No. Each agent runs in full isolation with separate runtime boundaries, credentials, and storage controls.
Do you train on my data?
No. Customer data is used to execute configured workflows and is not used to train or fine-tune models.
What happens if an agent needs human oversight?
Operators can require approvals for high-stakes actions and review a full log of what the agent observed, decided, and attempted.
Can enterprise teams request a deeper security review?
Yes. Clawly supports trust reviews, architecture walkthroughs, and questionnaire follow-up for enterprise procurement.
Need a deeper security review?
We can support procurement reviews, architecture walkthroughs, and follow-up questions for your security team.