Security Overview

Access And Identity

High-risk actions stay approval-gated. MFA is supported for operator flows through your identity provider (TOTP via Cognito), and tenant identity is enforced at the API boundary before execution proceeds.

• Per-organization isolation for data, memory, evidence, and billing.
• Role and capability checks on sensitive actions.
• Fail-closed behavior when delivery or approval transports are unavailable.

Data Protection

Customer data is segmented by tenant and protected with encryption and service-side controls. WorkMemory and runtime services are expected to reject requests that do not carry valid tenant context.

• Evidence records are written to immutable storage with long retention.
• Billing and operational data stores use point-in-time recovery where configured.
• Sensitive approval and execution paths are designed to degrade honestly when a dependency is missing.

Proof And Auditability

Workweaver is designed so teams can inspect what happened, not just trust that it happened.

Operational Posture

Workweaver remains in guided rollout. Production claims are limited to what is wired across the live product path, and public proof surfaces are updated as capability coverage changes.

• Launch checks include browser smoke, API smoke, and public-surface verification.
• Unsupported or partially wired execution paths should be removed, gated, or marked explicitly.
• Brand Facts remains the canonical public summary of known limitations.

More Detail

For a structured capability and limitations summary, review Brand Facts. Legal and policy pages are also available under Privacy, Terms, and Cookies.