SOC 2 TYPE II · APRIL 2026

Security built for the way regulated fintechs actually buy software.

Aithon processes your sales activity — pipeline, communications, meetings — to make your reps smarter. We never touch your end-customer banking data. CRM and email writes happen only as part of campaigns and sequences your reps explicitly run, with scoped OAuth, full audit trails, and admin-controlled enable/disable per integration.

01 · Integrations & auth

Every connection scoped, admin-consented, revocable.

Aithon authenticates to every source system through OAuth 2.0 with explicit admin consent. Read scopes power intelligence; write scopes are separate, optional, and only used when your reps run campaigns or sequences. No service accounts, no stored passwords, no standing credentials.

Source: Salesforce
Auth: OAuth 2.0
Access scope:
  • Read: accounts, opportunities, contacts, pipeline.
  • Write (campaigns): when a rep runs a sequence, Aithon updates contact engagement, logs activities, and adds rep-approved notes — using a separate, admin-consented write scope. Every write is logged and reviewable in the activity audit. Disable per integration at any time.
Mode: Read · Write (campaigns)

Source: Outlook
Auth: OAuth 2.0
Access scope:
  • Read: sales mailbox content & metadata for relationship signals.
  • Write (sequences): when a rep runs a sequence, Aithon sends emails on the rep's behalf using their delegated permission. Drafts can be set to require rep approval before send or auto-send per sequence policy. Every send is logged with the originating sequence ID.
Mode: Read · Write (sequences)

Source: Microsoft Teams
Auth: OAuth 2.0
Access scope: Meeting transcripts & metadata via Graph API OnlineMeetingTranscript.Read.All. Per-user delegated permissions; transcripts processed only when the user has consented to the integration.
Mode: Read-only

Source: Highspot
Auth: OAuth 2.0
Access scope: Content engagement analytics (which deck was viewed, by whom, when), titles, categories, and the document content itself for retrieval and grounding. Used to power content recommendations and ground AI responses in your enablement library.
Mode: Read-only

No stored passwords.
All access is token-based. OAuth tokens are stored Fernet-encrypted in Postgres, refresh automatically, and never appear in logs or env vars.
Writes are opt-in, per integration.
Read and write scopes are granted separately. An admin can enable read-only intelligence first, then enable write scopes for campaigns and sequences once they’re ready. Either can be disabled at any time without losing the other.
Full write audit trail.
Every Aithon-initiated CRM update or email send is logged with timestamp, user, integration, originating sequence, and payload diff. Available to your admins in the activity audit and exportable as CSV.
02 · Privacy controls

Your admins switch off any data category at the source.

Most “privacy controls” in B2B SaaS are post-processing filters. Aithon's are a hard gate at the pipeline boundary — when your admin marks a category Excluded, that data is never loaded into the AI processing layer in the first place.

Hard gate
Enforcement at the gold→insights boundary, not a post-filter on results. Excluded data never enters the AI pipeline.
Retroactive
Flipping a category from Eligible to Excluded purges previously-derived insights from the insights layer. Originals in bronze/silver/gold are untouched.
Fail-closed
If the privacy-control service is unreachable, the pipeline defaults to PRIVACY_FAIL_MODE = closed. Excluded by default rather than processed without authorization.
Auditable
Every change logged with timestamp, admin user, category, and old/new state. Visible to your admins in the Settings dashboard.
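
One way to build the hard gate, retroactive purge, fail-closed default and audit record described above, as an added example that is not Aithon's code. The function names, the in-memory stores and the ControlServiceUnreachable error are assumptions, and the purge here runs immediately.

```python
from datetime import datetime, timezone

ELIGIBLE, EXCLUDED = "eligible", "excluded"
# Constructed sample rows standing in for the gold layer.
GOLD = [{"id": i, "category": c} for i, c in enumerate(("email", "messaging", "crm"), 1)]


class ControlServiceUnreachable(Exception):
    """Hypothetical error raised by the privacy-control client."""


def load_for_ai(gold_rows, get_states):
    """Gate at the gold->insights boundary: return only rows allowed into AI processing."""
    try:
        states = get_states()
    except ControlServiceUnreachable:
        states = {}  # PRIVACY_FAIL_MODE = closed: no category is known to be eligible
    # Default deny: a category missing from the response counts as excluded.
    return [r for r in gold_rows if states.get(r["category"], EXCLUDED) == ELIGIBLE]


def set_category(states, insights, audit, admin, category, new_state):
    """Change a category, purge its derived insights on exclusion, audit the change."""
    old_state = states.get(category, EXCLUDED)
    states[category] = new_state
    before = len(insights)
    if new_state == EXCLUDED:
        # Purge from the insights layer only; the gold rows stay untouched.
        insights[:] = [i for i in insights if i["category"] != category]
    audit.append({"ts": datetime.now(timezone.utc).isoformat(), "admin": admin,
                  "category": category, "old": old_state, "new": new_state})
    return before - len(insights)


def service_down():
    raise ControlServiceUnreachable()


def demo():
    states = {"email": ELIGIBLE, "messaging": EXCLUDED, "crm": ELIGIBLE}
    insights = [dict(r) for r in load_for_ai(GOLD, lambda: states)]  # rows 1 and 3
    audit = []
    purged = set_category(states, insights, audit, "admin@example.com", "email", EXCLUDED)
    after = [r["id"] for r in load_for_ai(GOLD, lambda: states)]
    return purged, after, load_for_ai(GOLD, service_down), audit


if __name__ == "__main__":
    print(demo())
```

Because the gate selects on an explicit Eligible state, an outage and an unknown category both resolve to "do not load", which is the property a post-processing filter cannot give.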
aithon · admin · /privacy-controls

AI Data Eligibility

Choose which data categories the AI processing pipeline is permitted to use. Excluded data is never loaded into AI; existing insights for excluded categories are purged within 24h.

  • Email Communications (Outlook · 24,841 messages indexed): On
  • Call Transcripts (Gong · 412 calls last 30d): On
  • CRM Records (Salesforce · accounts & opps): On
  • Meeting Notes (Teams transcripts · Granola): On
  • Messaging (Slack channels): Off
  • Stakeholder Profiles (Contact enrichment): On
ENFORCED AT PIPELINE BOUNDARY · LAST UPDATED 2 MIN AGO BY YOU
03 · Defense in depth

Identity, network, data, application — controls at every layer.

No single control is sufficient on its own. Aithon implements specific guardrails at each layer of the stack so that a compromise at one level does not cascade to the next.

Identity & access

Auth0 · OIDC · JWT

  • Org-scoped auth · multi-tenant isolation
  • JWT tokens with role claims (admin / user)
  • All API requests validated server-side
  • No passwords stored — delegated to Auth0
  • MFA configurable per organization
Network

VPC isolation

  • All services in private subnets
  • ALB is the only public-facing endpoint
  • Security groups enforce least-privilege ports
  • RDS & Redis not publicly accessible
  • Private Route 53 for service-to-service
Data

Encryption everywhere

  • In transit: TLS 1.3 (ALB · service-to-service)
  • At rest: AES-256 — RDS · S3 (KMS) · EBS
  • Secrets in AWS Secrets Manager (no env vars)
  • OAuth tokens Fernet-encrypted in Postgres
  • Backups encrypted · 7-day retention
Application

Secure by design

  • Org-scoped queries · no cross-tenant access
  • Server-side rendering · no client API keys
  • Parameterized queries · no raw SQL
  • Input validation (Pydantic) on every endpoint
  • CORS restricted to known domains
04 · Deployment models

Multi-tenant by default. Dedicated infrastructure when you need it.

Most customers run on shared infrastructure with logical isolation at every layer. Enterprise customers with stricter requirements can be deployed to a dedicated ECS cluster, RDS instance, S3 bucket, and customer-managed KMS keys.

● Standard

Multi-tenant

Shared infrastructure with logical isolation. The default for the vast majority of customers.

Shared ECS cluster: API · WebApp · Agents
Shared RDS PostgreSQL: Org A · Org B · Your org · Org D
  • Org-scoped queries: aithon_org_id on every table
  • Auth0 Organization per customer — JWT-enforced
  • Per-org privacy controls & pipeline config
  • Encrypted credentials per-user (Fernet)
  • No API endpoint returns cross-org data
● Enterprise option

Dedicated infrastructure

Isolated compute and storage for the strictest security postures. Available as an enterprise option.

Dedicated ECS cluster: API · WebApp · Agents
Dedicated RDS PostgreSQL: Your org · only tenant
  • Separate ECS cluster & task definitions
  • Dedicated RDS instance
  • Isolated S3 data lake bucket
  • Separate VPC or dedicated subnets
  • Customer-managed KMS keys (optional)
  • Independent scaling & maintenance windows

Ready for your security team to take a look?

For a deeper review — integration scopes, threat model, write audit walkthrough, regional residency — book an architecture deep-dive with our team. We'll bring an engineer.