Security & Trust
Your data lives where JPMorgan's lives.
SwarmLabs runs entirely on AWS infrastructure with Firecracker MicroVM isolation between every agent. Secrets stay in AWS Secrets Manager. Models live in Bedrock. Nothing trains on your data. The same security posture banks pay $50k+/year for.
The 6 principles
How we keep customer data isolated, encrypted, and yours.
Firecracker MicroVM isolation
Every agent runs in its own AWS Firecracker MicroVM — the same isolation tech AWS Lambda uses to separate workloads at the hypervisor level. Customer A's data, secrets, and runtime state cannot reach Customer B's agents, even within the same physical host.
Built on AWS Bedrock AgentCore
We don't host language models ourselves. All inference runs through AWS Bedrock — Claude, Llama, and Mistral models served by AWS in the us-west-2 region. No data leaves AWS infrastructure during agent execution.
Never trains a model on your data
Anthropic, Meta, and Mistral models served via AWS Bedrock do not use customer inputs for model training. We don't either. Your CRM data, customer conversations, and uploaded documents stay yours.
Secrets never leave AWS Secrets Manager
Customer credentials (Twilio keys, OAuth tokens, GHL keys) are stored exclusively in AWS Secrets Manager with KMS encryption. Our DynamoDB customer-skill records reference secret ARNs only — never raw values. CloudTrail logs every secret access.
Single-tenant data partitioning
Customer data is partitioned by tenant ID at the database layer. IAM policies on agent execution roles enforce that an agent can only access secrets and data scoped to its assigned customer.
Full audit trail
Every agent invocation, secret access, and skill activation is logged to CloudWatch with timestamps + customer ID + skill slug. We can produce per-customer audit reports on request.
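One way to check the scoping described under "Single-tenant data partitioning" and "Secrets never leave AWS Secrets Manager", as an added example that is not SwarmLabs' own code: a small linter that flags an agent execution-role policy reaching beyond one tenant. The `tenants/<tenant_id>/` secret-name prefix, the `customer-skills` table name, the placeholder account ID and both sample policies are constructed assumptions.

```python
from fnmatch import fnmatchcase

# Assumption (not from the page): a tenant's secrets are named "tenants/<tenant_id>/..."
# and the tenant ID is the DynamoDB partition key. 111122223333 is a placeholder account.
SECRET_ARN = "arn:aws:secretsmanager:us-west-2:111122223333:secret:tenants/{t}/"
TABLE_ARN = "arn:aws:dynamodb:us-west-2:111122223333:table/customer-skills"  # hypothetical

def _as_list(value):
    return value if isinstance(value, list) else [value]

def audit_tenant_policy(policy, tenant_id):
    """Return findings for Allow statements that reach beyond tenant_id."""
    findings = []
    prefix = SECRET_ARN.format(t=tenant_id)
    for i, stmt in enumerate(_as_list(policy["Statement"])):
        if stmt.get("Effect") != "Allow":
            continue
        actions = [a.lower() for a in _as_list(stmt.get("Action", []))]
        # Action patterns such as "*" or "secretsmanager:*" also grant GetSecretValue.
        if any(fnmatchcase("secretsmanager:getsecretvalue", a) for a in actions):
            for res in _as_list(stmt.get("Resource", [])):
                # A wildcard is acceptable only after the tenant's own prefix.
                if not res.startswith(prefix):
                    findings.append(f"stmt {i}: secret access outside tenant: {res}")
        if any(a == "*" or a.startswith("dynamodb:") for a in actions):
            # dynamodb:LeadingKeys restricts item access to the listed partition keys.
            cond = stmt.get("Condition", {}).get("ForAllValues:StringEquals", {})
            if _as_list(cond.get("dynamodb:LeadingKeys")) != [tenant_id]:
                findings.append(f"stmt {i}: DynamoDB access not pinned to tenant key")
    return findings

# Constructed sample policies for the checks above.
GOOD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "secretsmanager:GetSecretValue",
     "Resource": SECRET_ARN.format(t="acme") + "*"},
    {"Effect": "Allow", "Action": ["dynamodb:GetItem", "dynamodb:Query"],
     "Resource": TABLE_ARN,
     "Condition": {"ForAllValues:StringEquals": {"dynamodb:LeadingKeys": ["acme"]}}},
]}
BAD = {"Version": "2012-10-17", "Statement": [
    {"Effect": "Allow", "Action": "secretsmanager:*", "Resource": "*"},
    {"Effect": "Allow", "Action": "dynamodb:Query", "Resource": TABLE_ARN},
]}

if __name__ == "__main__":
    for name, pol in (("GOOD", GOOD), ("BAD", BAD)):
        print(name, audit_tenant_policy(pol, "acme"))
```

The linter is deliberately conservative: a resource ARN with a wildcard region or account is reported even if the secret name itself is tenant-prefixed.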
Certifications & compliance
Where we stand. Honest dates.
We're a 2026 launch — most certifications are mid-process. Here's the truth:
SOC 2 Type I
In progress · Q3 2026
Type I report scheduled with our auditor. Expected completion July 2026. Type II audit period begins August 2026.
HIPAA BAA
Available Q3 2026
BAA capability rolling out for healthcare verticals (dental, medical practices, vet) in tandem with SOC 2.
GDPR + CCPA
Compliant
Data subject access requests, right to deletion, and DPA available on request. Email security@swarmlabs.cloud.
PCI DSS
Out of scope
We don't process card data. Payment workflows route through Stripe and your existing processor — we never touch the card.
Plain-English data flow
From your data → to the agent → and back. Step by step.
1. Customer activates a skill
   Setup wizard collects API keys + config. Secrets → AWS Secrets Manager (KMS-encrypted). Config → DynamoDB.
2. Agent runtime provisioned
   AgentCore creates a per-customer runtime with an IAM role scoped to ONLY this customer's secrets + tenant data.
3. Agent invocation
   Webhook or scheduled trigger fires. Agent fetches needed secrets via SDK with its IAM role. Bedrock Converse API call. Result returned.
4. Telemetry logged
   Token usage, latency, status → CloudWatch + DynamoDB telemetry table (TTL 7 days, then aggregated to Timestream).
5. No training loop
   Customer data is NOT routed to model training pipelines. Inference is stateless from a training perspective.
Subprocessors
Every third party that touches data — named.
We don't believe in opaque vendor lists. Here's everyone in our processing chain:
| Subprocessor | Purpose |
|---|---|
| AWS (US-West-2) | Compute, storage, secrets, model inference (Bedrock) |
| Twilio | Voice + SMS infrastructure (when activated) |
| Stripe | SwarmLabs subscription billing only — never customer-side payments |
| Loops.so | Lifecycle email (when activated by customer) |
| Plausible Analytics | Privacy-preserving website analytics — no cookies, no personal data |
Need to walk your security team through this?
Book a 15-min call. We'll talk through your specific compliance needs and where SwarmLabs fits in your stack.