Security · Trust

Security that reads like a datasheet, not marketing.

GROUNDROCK runs on the same primitives, controls, and audit chain as a Tier-1 cloud provider — applied to every AI request, at every edge.

Certifications

SOC 2 Type II, ISO 27001, HIPAA, GDPR, and CCPA. PCI DSS in scope for 2026.

Data handling

Zero-retention by default for supported providers. Enforced as a policy for Enterprise.

PII redaction

Automatic detection and reversible tokenization of emails, cards, IDs, and secrets.

Encryption

TLS 1.3 in transit, AES-256 at rest, customer-managed keys via KMS on Enterprise.

Access control

SSO/SAML, SCIM provisioning, granular RBAC, project-scoped keys with spend caps.

Prompt-injection defense

Nine-layer guardrail pipeline for prompt injection, jailbreaks, and tool-abuse detection.

Signed audit logs

Every request logged with a signed hash chain, streamable to Splunk, Datadog, or S3.

Business continuity

Multi-region active-active deployment. RTO < 5min. RPO = 0 for control plane data.

Trust Center

Request our SOC 2, ISO 27001, and penetration test reports.

Signed NDAs handled inline. Reports issued within 15 minutes to verified enterprise domains.

Start building on GROUNDROCK.

Every AI model, one endpoint, production-grade primitives. 10,000 requests free forever — no credit card required.

$ curl https://api.groundrock.dev/v1/chat