Runtime threat model
The Intended threat model addresses token theft, replay attacks, policy bypass, adapter impersonation, tenant boundary violations, and audit chain tampering. Each vector has a documented mitigation.
Intended's security model is built on the principle that the authority system must be at least as secure as the systems it protects. It applies encryption, key isolation, a fail-closed architecture, and tenant separation at every layer.
Data at rest
All sensitive data including signing keys, connector credentials, LIM provider keys, and encrypted prompts.
Data in transit
Enforced for all API communication, database connections, and cache connections.
Token signing
Per-tenant key pairs. Private keys are encrypted with AES-256-GCM using a server-side secret.
Evidence bundles
Self-contained evidence packages independently verifiable without database access.
Key isolation
Each tenant has unique RSA key pairs. Compromise of one tenant's keys does not affect others.
Key rotation
Keys transition through ACTIVE → PREVIOUS → RETIRED states with retry logic for race conditions.
Storage encryption
Private keys encrypted at the application level before database storage.
RBAC
Viewer, Operator, Approver, Admin. Enforced at Fastify middleware level on every request.
Tenant isolation
Every query scoped to tenant ID. No API surface for cross-tenant access.
API authentication
API keys with mrt_live_ (production) and mrt_test_ (development) prefixes.
SSO / SAML
OIDC/SAML runtime flows and SCIM provisioning with tenant-bound enforcement.
Fail-closed
If the Authority Engine cannot reach a decision, the intent is denied. No fallback bypasses authority.
Nonce protection
Every token nonce is consumed on first verification. Replay attacks are impossible.
Audit integrity
Tamper-evident chain. Any modification breaks the chain and is immediately detectable.
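One way to check a tamper-evident audit chain like the one described under Audit integrity, as an added example that is not Intended's code. The SHA-256 hash-chain construction, the field names, and the separately stored head hash are assumptions, and the records are constructed.

```javascript
// Added example: hash-chained audit log. Scheme and field names are assumptions.
const { createHash } = require('node:crypto');

const GENESIS = '0'.repeat(64); // assumed anchor value for the first entry

// Serialize a flat record with sorted keys so it always hashes the same way.
function canonical(record) {
  return JSON.stringify(Object.keys(record).sort().map((k) => [k, record[k]]));
}

function entryHash(prevHash, record) {
  return createHash('sha256')
    .update(prevHash).update('\n').update(canonical(record))
    .digest('hex');
}

// Append a record, binding it to the hash of the entry before it.
function append(chain, record) {
  const prevHash = chain.length ? chain[chain.length - 1].hash : GENESIS;
  chain.push({ record, prevHash, hash: entryHash(prevHash, record) });
  return chain;
}

// Return -1 when the chain is intact, else the index of the first bad entry.
// expectedHead is the latest hash as recorded outside the log store; a
// mismatch is reported as index chain.length (entries missing or rewritten).
function verifyChain(chain, expectedHead) {
  let prev = GENESIS;
  for (let i = 0; i < chain.length; i++) {
    const e = chain[i];
    if (e.prevHash !== prev || e.hash !== entryHash(prev, e.record)) return i;
    prev = e.hash;
  }
  if (expectedHead !== undefined && prev !== expectedHead) return chain.length;
  return -1;
}

// Constructed sample records (not real product output).
function sampleChain() {
  const chain = [];
  append(chain, { seq: 1, tenant: 'tenant-a', decision: 'ALLOW', intent: 'deploy' });
  append(chain, { seq: 2, tenant: 'tenant-a', decision: 'DENY', intent: 'delete-db' });
  append(chain, { seq: 3, tenant: 'tenant-a', decision: 'ALLOW', intent: 'read-logs' });
  return chain;
}
```

Keep the latest hash somewhere the log store cannot rewrite: without `expectedHead`, a chain with entries removed from the end still verifies.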
Security vulnerabilities can be reported to security@intended.so under a coordinated disclosure policy. We commit to acknowledgment within 48 hours and a resolution timeline within 5 business days.
Annual third-party penetration testing is part of the compliance roadmap. Results are shared with enterprise customers under NDA upon request.
A current list of subprocessors and their roles in the Intended platform is maintained and available to enterprise customers upon request.