// security
Security claims must be backed by operational evidence.
Perathos uses precise language for security reviews. We distinguish current public controls from planned controls and from features that must be demonstrated in the customer environment.
pt-br
Declaracoes de seguranca precisam de evidencia operacional.
A Perathos usa linguagem precisa em revisoes de seguranca. Separamos controles publicos atuais, controles planejados e recursos que precisam ser demonstrados no ambiente do cliente.
Controle de acesso
Access control
current / atual
Least privilege is the required operating principle. Product-specific workspace access controls should be shown from the live deployment before being used as evidence.
planned / planejado
Document role matrix, access review cadence, and customer workspace administration evidence.
Segredos e autenticacao
Secrets and authentication
current / atual
Secrets must not be committed to source code or shared in documents. This page does not claim write-only secrets or API key expiration unless demonstrated in the customer environment.
planned / planejado
Publish evidence for API key expiration, secret creation behavior, and credential rotation once verified.
Logs e auditabilidade
Logging and auditability
current / atual
Operational logs should support investigation and procurement review. This page does not claim complete run history evidence unless the deployment shows it.
planned / planejado
Document run logs, timestamps, metrics, errors, manual execution events, and alert behavior for each production deployment.
Protecao de dados
Data protection
current / atual
Data handling is scoped by customer agreement and deployment design. Column anonymization is not represented as active unless demonstrated.
planned / planejado
Publish the supported anonymization, retention, deletion, and export controls for the production product.
en
Managed services and inherited controls
Perathos will use inherited controls only where the underlying provider and deployment are confirmed. We do not name a cloud provider on this public page unless the production stack for the customer engagement is verified.
pt-br
Servicos gerenciados e controles herdados
A Perathos so usara controles herdados quando o provedor e o deployment forem confirmados. Nao nomeamos provedor de nuvem nesta pagina publica sem verificar a stack de producao do engajamento.
procurement evidence