Trust

Trust and security

How Kaidera keeps work reviewable: project boundaries, credentials, approval gates, public/private separation, and evidence trails.

Public draft for dev reviewLast verified 2026-05-22

Expanded public-safe trust narrative for E94 Phase 2 docs.

The trust model

Kaidera should help customers move faster without hiding risk. The trust model is built around boundaries, approvals, evidence, secure configuration, and clear ownership of important decisions.

Project boundaries

Kaidera should keep memory, credentials, artifacts, and work state scoped to the right project and organisation. Public documentation describes the control model without revealing customer-specific implementation details.

Customer data handling

Customer data should stay attached to the right organisation, project, and approved workflow. Users should understand what they upload, why it is needed, who can access it, and when sensitive material needs an enterprise process.

Credentials and secrets

Credentials, keys, tokens, and other secrets should not be uploaded into general project notes, FileVault folders, Draw boards, or chat-like requests. They should be managed through approved customer/admin configuration routes.

Approval gates

The platform is designed so irreversible or high-impact actions remain approval-gated. Production promotion, protected-branch changes, credential updates, and sensitive-data workflows should be visible review points.

Evidence trails

Good AI operations leave evidence: decisions, handoff state, verification results, screenshots, route checks, and residual-risk notes. The review package should make those artifacts easy to inspect before a user approves promotion.

Cybersecurity posture

The customer-facing promise is continuous vigilance: security controls, review gates, evidence, and support from the Kaidera cybersecurity capability. The docs should explain what customers can configure and what evidence they can review, not private defensive implementation details.

What users can configure

Customer admins should focus on users, roles, MFA or SSO where available, project access, provider access, model visibility, approval gates, support access, and audit visibility.

What can go wrong

Security risk rises when users share secrets in the wrong place, approve changes without evidence, keep stale user access, skip review gates, or mix sensitive material into general project files.

Read next

Read Enterprise controls for self-hosted, isolated, managed model, and air-gapped options. Read Guardrails and approvals for human review gates.

Website context

Connect this guide back to the product story

The technology docs map links this page to the public technology narrative and helps buyers move from a capability overview into the right operating guide.

Open technology docs map →