> ## Documentation Index > Fetch the complete documentation index at: https://docs.svantic.com/llms.txt > Use this file to discover all available pages before exploring further. # Index # Security Overview Svantic is designed for regulated industries where data sovereignty, auditability, and access control are non-negotiable. Security is not a feature layer — it's baked into the architecture at every level. *** ## Principles * **Your data never leaves your environment.** Capabilities execute on your infrastructure. Svantic orchestrates — it doesn't touch your raw data. * **Every operation is authenticated.** Not just connections — every individual capability invocation carries a cryptographically signed, short-lived token. * **Organization isolation is cryptographic, not logical.** Accounts are isolated at the authentication layer. Agents, sessions, knowledge, and routing are all scoped to your account. * **Defense in depth.** Multiple independent safety layers — authentication, invocation auth, policies, ToolGuard, FlowGuard, approval workflows, zero-knowledge credentials — each operates independently. *** ## Architecture | Layer | Protection | | --------------------------------------------------------------------------------- | ------------------------------------------------------------------------- | | **[Authentication](/security/authentication)** | API credentials, short-lived tokens, automatic refresh | | **[Per-Invocation Auth](/security/authentication#per-invocation-authentication)** | Every capability call is independently signed and verified | | **[Data Encryption](/security/encryption)** | Encryption at rest (disk, column-level), in transit (TLS), key management | | **[Zero-Knowledge Credentials](/security/credentials)** | Credential values never leave the client machine | | **[Guardrails](/concepts/guardrails)** | ToolGuard, FlowGuard, approval workflows | | **[Policies](/guides/policies)** | Configurable rules for what agents can and cannot do | *** ## Data Sovereignty Svantic never touches your data. Capabilities execute on your infrastructure — your agents run on your machines, access your databases, and use your credentials locally. Svantic only sees: * Capability names and descriptions (from your agent card) * Structured results your agent chooses to return * Session metadata (who's involved, what state things are in) Your raw data, credentials, file contents, and internal state never leave your environment. *** ## Organization Isolation Each Svantic account is cryptographically isolated: * Agents registered under your account are invisible to other accounts * Sessions, messages, and knowledge are scoped to your account * Routing decisions never cross account boundaries * Even on shared infrastructure, your data is isolated at the authentication layer — not by application logic *** ## Safety Layers Svantic applies multiple independent safety layers to every operation: | Layer | What It Does | | ------------------------------ | --------------------------------------------------------------------------------- | | **Authentication** | Verifies agent identity before any operation | | **Invocation Auth** | Cryptographically authenticates every capability call | | **Registration Policy** | Controls which agent types can operate (open, allow-list, or audit mode) | | **ToolGuard** | Gates tool invocations — file access, commands, resource budgets, bulk operations | | **FlowGuard** | Prevents runaway execution — step limits, timeouts, cycle detection | | **Approval Workflows** | Requires human sign-off for sensitive operations | | **Zero-Knowledge Credentials** | Credential values never leave the client machine | Each layer operates independently. Compromising one does not compromise the others.