Security & Trust
Rez was built for enterprise environments where speed matters, but control matters more. We don't just claim security — we prove it through a structured, multi-phase adversarial security program against our own platform.
6-Phase Security Audit — Red Team Validated
80+ attack vectors across 12 categories. All critical and high-severity findings remediated.
17 findings, all prioritized
11/11 critical + high closed
Red Team Findings
Our adversarial red team exercise produced 17 findings across 4 severity levels. Every critical and high-severity finding has been remediated and verified with regression tests.
6 low-severity findings (cosmetic headers, CORS tuning, arena hardening) tracked for production release. No exploitable risk.
What We Tested
The red team exercise covered every major attack surface of an AI-powered network operations platform:
✓ Authentication bypass — forged tokens, empty headers, SQL injection, default credential enumeration
✓ SSH command injection — 35+ blocked patterns, pipe-to-shell escape (bash, python, redirect), injection token filtering
✓ Path traversal — 9 vectors including encoded, double-encoded, null byte, and absolute path injection
✓ Session manipulation — cookie forgery, session fixation, replay attacks, cross-session leakage
✓ AI prompt injection — jailbreak, system prompt extraction, indirect injection via CLI banners, memory poisoning
✓ Cross-origin attacks — CORS bypass, evil-origin reflection, host header injection, method tampering
✓ Webhook abuse — SolarWinds/Slack token bypass, query-string fallback, unsigned event injection
✓ Data exfiltration — credential exposure, privacy boundary validation, cross-incident isolation
✓ AI tool surface abuse — tool injection, scope expansion, write-tool activation, base64-encoded bypass
✓ Brute force & rate limiting — login throttling, cumulative lockout, credential stuffing
✓ Information disclosure — API docs gating, health endpoint hardening, error message sanitization
✓ Cost/DoS attacks — SSH quota enforcement, per-incident budgets, concurrent investigation limits
Structured Security Audit Program
Our security program follows a structured, multi-phase approach. Each phase goes through a formal review cycle: audit, plan, implement, and adversarial validation.
Phase 1
Authentication & browser security — default credential removal, HttpOnly session cookies, localStorage cleanup
Phase 2
URL token removal — SolarWinds header-only auth, arena one-time redeem codes, RBAC tightening
Phase 3
Secret management — runtime path isolation, Fernet key migration, tracked artifact removal, CI hygiene gate
Phase 4
AI runtime hardening — sandbox isolation, deny-by-default tool policy, environment variable allowlisting, path traversal closure
Phase 5
Internal validation — dependency audit, SAST scan, 12-scenario attack replay suite, kill switch validation
Phase 6
AI red team — 80+ live attack vectors across 12 categories against a 34-node staging lab, followed by remediation and re-validation
Read-Only by Design
Rez does not modify network configuration, push changes, or execute write operations. Ever.
Rez uses read-only SSH and REST API access to collect device state. All commands are enforced through a multi-layer safety policy:
- Allowlist-first — only pre-approved read-only commands execute (show, ping, traceroute). Everything else is denied.
- Blocklist-hardened — 35+ dangerous patterns explicitly blocked (configure, write, reload, delete, copy, etc.)
- Pipe-escape protection — post-pipe commands like | bash, | python, | redirect are blocked while safe filters (| include, | section, | json) work normally
- Injection-filtered — command chaining tokens (;, &&, ||, newlines) blocked at the safety layer
- Fail-closed — if the safety module is unavailable for any reason, all commands are blocked until it is restored
- Quota-bounded — per-incident SSH command and device budgets prevent runaway operations
- Fully auditable — every command, device, and timestamp is recorded in the investigation trail
Defense in Depth — 5-Layer AI Containment
The AI reasoning agent operates within strict security boundaries enforced at multiple independent layers:
Layer 1: Tool Allowlist
Only explicitly registered read-only tools are available. Write, edit, and system tools are blocked at the framework level with a deny-by-default policy.
Layer 2: Command Safety
Every SSH command passes through allowlist, blocklist, pipe-segment, and injection filters. If any layer fails, the command is blocked (fail-closed).
Layer 3: Runtime Isolation
The AI subprocess runs in a sandboxed environment with explicit environment variable allowlisting. No API keys, credentials, or sensitive configuration are accessible.
Layer 4: Per-Incident Budgets
Each investigation has hard limits on SSH commands, devices contacted, API calls, and wall-clock time. Cost-amplification attacks hit quota enforcement.
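The command checks listed under Read-Only by Design and summarized in Layer 2, sketched as an added Python example (not Rez's code). The word lists are a small constructed subset of the commands this page names, and the function names are hypothetical.

```python
# Constructed policy data: a small subset of the command names the page lists.
ALLOWED_VERBS = {"show", "ping", "traceroute"}
BLOCKED_WORDS = {"configure", "write", "reload", "delete", "copy"}
SAFE_PIPE_FILTERS = {"include", "section", "json"}
CHAIN_TOKENS = (";", "&&", "||", "\n", "\r")


def _decide(command):
    """Return (allowed, reason) for one CLI command string."""
    if not isinstance(command, str) or not command.strip():
        return False, "empty"
    # Injection filter: reject chaining tokens before any parsing.
    if any(tok in command for tok in CHAIN_TOKENS):
        return False, "chain-token"
    base, *filters = [seg.strip() for seg in command.split("|")]
    words = base.lower().split()
    # Allowlist-first: the first word must be a pre-approved verb.
    if not words or words[0] not in ALLOWED_VERBS:
        return False, "not-allowlisted"
    # Blocklist: no dangerous keyword anywhere in the base command.
    if BLOCKED_WORDS.intersection(words):
        return False, "blocklisted"
    # Pipe-segment check: each post-pipe segment must start with a safe filter.
    for seg in filters:
        head = seg.lower().split()[:1]
        if not head or head[0] not in SAFE_PIPE_FILTERS:
            return False, "unsafe-pipe"
    return True, "ok"


def check_command(command, decide=_decide):
    """Fail-closed wrapper: any error inside the policy blocks the command."""
    try:
        return decide(command)
    except Exception:
        return False, "policy-unavailable"
```

Splitting on every | is deliberately conservative: a filter pattern that itself contains | is rejected rather than parsed.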
Evidence Chains, Not Black Boxes
Every finding Rez produces maps back to a specific command output, from a specific device, at a specific time. There are no hidden inferences or unexplainable conclusions.
Your engineering team can inspect and independently verify the evidence behind every conclusion. The math engine produces deterministic, reproducible results — the AI layer narrates and investigates, but never invents findings without supporting evidence.
Data Handling & Privacy
Rez is designed with data privacy as a core architectural constraint:
- IP addresses, hostnames, and community strings are cryptographically masked using AES-128 prefix-preserving tokenization
- The reasoning layer never sees raw customer network data
- Anonymization occurs before any data leaves the collection boundary
- Cross-incident isolation ensures one investigation cannot access another's data
- Credentials are resolved at call time from encrypted storage — never embedded in subprocess environments, API payloads, or log output
Rezonance Networks does not train AI models on customer data. Your network data is used only for the active investigation and is not retained beyond the session.
Integration Security
Third-party integrations (Slack, SolarWinds, webhooks) follow the same security standards:
- Signature verification mandatory — webhook events are rejected unless cryptographically signed. Missing signing secrets result in immediate rejection, not silent acceptance.
- Header-only authentication — integration tokens are never accepted via URL query strings. All auth is header-based with HMAC verification.
- Rate limiting — login endpoints enforce per-IP rate limits with progressive lockout. Concurrent investigation limits prevent resource exhaustion.
- Scoped sessions — arena and demo sessions use dedicated HttpOnly cookies with independent lifecycle management.
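A receiver that applies the signature and header-only rules above, as an added Python example rather than the platform's implementation. The header name, the query parameter names and the choice of HMAC-SHA256 over the raw body are assumptions.

```python
import hashlib
import hmac

SIG_HEADER = "X-Signature"  # hypothetical header name, not from the page
TOKEN_PARAMS = {"token", "signature", "sig"}  # hypothetical query parameter names

# Constructed sample values for the demonstration.
SECRET = b"constructed-demo-secret"
BODY = b'{"event":"node_down","node":"lab-sw-01"}'


def sign(secret, body):
    """Sender side: hex HMAC-SHA256 over the raw request body (assumed scheme)."""
    return hmac.new(secret, body, hashlib.sha256).hexdigest()


def verify_webhook(secret, headers, query, body):
    """Return (accepted, reason) for one inbound webhook request."""
    # Missing signing secret: reject, never fall back to unsigned acceptance.
    if not secret:
        return False, "no-signing-secret"
    # Header-only auth: credentials in the query string are refused outright.
    if TOKEN_PARAMS.intersection(k.lower() for k in query):
        return False, "query-string-auth"
    lowered = {k.lower(): v for k, v in headers.items()}
    presented = lowered.get(SIG_HEADER.lower())
    if not presented:
        return False, "unsigned"
    expected = sign(secret, body).encode()
    candidate = presented.strip().lower().encode("utf-8", "replace")
    # Constant-time comparison avoids leaking how many characters matched.
    if not hmac.compare_digest(expected, candidate):
        return False, "bad-signature"
    return True, "ok"
```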
Security Controls Summary
✓ Read-only by design
✓ Command allowlist + blocklist enforced
✓ Pipe-to-shell escape protection
✓ Injection token filtering
✓ Fail-closed safety architecture
✓ Per-incident SSH/device budgets
✓ Cryptographic anonymization (AES-128)
✓ No training on customer data
✓ Full audit trail on every action
✓ AI runtime sandboxing
✓ Environment variable isolation
✓ HttpOnly session cookies (SameSite, Secure)
✓ Path traversal protection (9/9 vectors)
✓ Cross-incident data isolation
✓ Login rate limiting with progressive lockout
✓ Webhook signature verification (mandatory)
✓ Security response headers (XFO, XCTO, CSP)
✓ API documentation gated per environment
✓ Encrypted credential storage (Fernet)
✓ Auth file permission enforcement (0600)
✓ 94+ automated security tests
✓ 1,570+ total regression tests
Continuous Security Validation
Security is not a one-time checkbox. Our development process includes:
- 94 automated security tests run on every code change — covering authentication, session management, RBAC, webhook auth, runtime hardening, tool policy, path traversal, pipe-escape, fail-closed behavior, and 12-scenario attack replay
- 1,570+ total regression tests ensure security fixes do not break platform functionality
- 6-phase security audit program — each phase follows a formal audit, plan, implement, and adversarial validation cycle
- AI-specific attack coverage — prompt injection, jailbreak, tool surface expansion, memory poisoning, data exfiltration, and cost-DoS are tested at both the code and live-system level
- Live staging validation — security fixes are verified against a live 34-node multi-vendor network lab, not just unit tests
Compliance & Assurance
Rezonance Networks is building its security program to support enterprise requirements. Our platform architecture was designed with compliance considerations from the start — including data isolation, audit logging, encryption at rest and in transit, and role-based access controls.
If you have specific assurance needs (SOC 2, ISO 27001, HIPAA, PCI-DSS, FedRAMP, GDPR), please contact us for current status and roadmap details.
Questions?
If you have security questions, need a detailed audit report, or require additional information for your evaluation, reach out to [email protected]. We respond within 2 business days.
Rezonance Networks, Inc. — Massachusetts, USA