Skip to main content
Security & Compliance

Where code runs, where keys live, who approved what

Before handing business processes to AI, these questions are worth asking first. This page answers them one by one, each mapped to a mechanism already implemented in the platform.

Code steps run in a Docker sandboxCredentials encrypted with AES-256-GCMSelf-Hosted Deployment Available
Six Lines of Defense

Every line of defense maps to an implemented mechanism

Six cards, one concern each; every item comes from the product's current implementation.

SBXExecution Isolation
  • Code steps execute in a Docker sandbox — every run gets a fresh container
  • Each language uses a dedicated execution image
  • Container egress is controlled, with a 30-second default timeout
AESCredential Security
  • Credentials are stored with AES-256-GCM encryption
  • Encryption keys support rotation
  • Claude Pro / ChatGPT can sign in via subscription — no API Key to paste
SSOIdentity And Access
  • 14 OAuth / OIDC login methods, including your own OIDC
  • API Keys are issued with 6 least-privilege scopes
  • Triggering runs, reading results, and answering approvals can each use their own Key
GATEApproval Gates
  • Steps marked manual_approval pause the run, with notifications through three channels: in-app, email, and API
  • Values in the approval form are directly editable — adjust a bid, then approve
  • Auto-reject on timeout, with a configurable duration
LOGAudit And Traceability
  • Run timeline, per-step logs, and token usage and cost recorded for every run
  • Runs export as JSON / YAML
  • The Enterprise tier provides audit logs
CAPQuotas & Costs
  • Concurrent runs are limited per tier: 1 / 5 / 15 / 50
  • Run history is retained per tier — 180 days on Team
  • AI assistant usage has a daily limit — 20 times/day on Pro
Execution Isolation

Code steps in 7 languages, all sandboxed

python, javascript, typescript, bash, ruby, lua, cli: whatever the language, production code steps execute inside a Docker container.

Code steps are the most powerful part of a workflow, and the part that most needs boundaries. Whether a script was generated by the AI assistant or written by hand, it executes in the same sandbox.

  • Containers are created per run and destroyed when it ends
  • Each language has a dedicated execution image, with controlled container egress
  • Workflow variables are injected as WF_VAR_* environment variables
  • 30-second default timeout; artifacts export through a separate channel and download from the run details
sandbox-profileproduction
# per-run sandbox profile (illustrative)
container:
  lifecycle: ephemeral              # create, run, destroy
  image: dedicated-per-language  # 7 runtimes
  network: controlled-egress
  timeout: 30s                     # default
env:
  WF_VAR_*: injected
artifacts:
  export: artifact-channel       # fetch from run detail

Illustrative config to show sandbox behavior — not an actual file from the product.

Data Boundary

Your credentials are used only for the calls you configure

In the cloud, BYOK sends model traffic straight to the provider you choose; when you need a harder boundary, deploy the whole platform into your environment.

BYOKIn The Cloud

LLM calls use your own keys and go straight to the provider you configure; the platform records token usage and cost per run, and keys are stored with AES-256-GCM encryption.

  • Choose from 15+ providers; each agent in a workflow can use a different model
  • Claude Pro / ChatGPT support subscription-based sign-in
  • Connect local Ollama / LM Studio to keep model calls on your own machine
SELF-HOSTEDSelf-Hosted Deployment

The Enterprise tier deploys the whole platform into your environment, so data never leaves your boundary.

  • Workflow definitions, run logs, and credentials all live on your infrastructure
  • Horizontal multi-instance scaling, with Prometheus metrics feeding your existing monitoring
  • SSO and your own OIDC connect to your identity system
GDPR

Data rights built as product features

Export, deletion, and consent records — all three have in-product entry points.

EXPORTData Export

Self-serve personal data export in the product, covering the right to portability.

DELETERight To Erasure

Account and associated data deletion starts in the product, covering the right to be forgotten.

CONSENTConsent Records

Cookie consent and authorization decisions are recorded and traceable to a point in time.

Security questions — email us directly
Send specific questions about architecture, sandboxing, credentials, or compliance to admin@braidrun.com; to verify things yourself first, sign up and run a workflow in template demo mode.