Security overview
VeliKey security model separates transit enforcement, control-plane governance, and customer-owned key custody responsibilities.
Key management boundaries
- Customer teams retain responsibility for key custody decisions in their KMS/HSM workflows.
- Aegis enforces transport-policy decisions; it is not a replacement for customer key lifecycle governance.
- Axis stores policy intent, rollout state, and operational receipts for governance and review.
Data flow summary
- Application endpoints encrypt and decrypt application payloads in customer environments.
- Aegis evaluates transport-policy compliance in traffic paths and emits telemetry outcomes.
- Axis receives policy and rollout metadata for orchestration, auditability, and incident review.
What VeliKey does not store
- Customer plaintext business payload data by default.
- Customer-managed root key material used outside VeliKey-managed control planes.
- Credentials or secrets not explicitly provisioned for control-plane operation.
What customers control
- Application data classification, retention policy, and tenant-level access decisions.
- Key rotation policies and provider-specific key governance controls.
- Rollout approval authorities and production promotion criteria.
Operational records VeliKey stores
- Policy definitions, rollout checkpoints, and rollback actions in Axis.
- Agent telemetry and posture metadata required for rollout decisioning.
- Audit receipts linked to policy changes and control-plane actions.
Responsible disclosure
Security reports are handled through a documented intake and triage process with target response windows.
Trust and compliance references
See trust-boundary assumptions, service health communication references, and trust-claim review workflow rules.