Security · Governance · Compliance

The non-negotiable foundation of enterprise AI.

In the AI era, your data is your greatest competitive advantage. And we treat it that way.

Deploying generative AI shouldn't mean giving up control. At MyDatAgent, security isn't a feature request — it's our core architecture. We've built the most robust ecosystem on the market so your company can harness AI's power with the zero-risk security your CISO demands.

I want to approve my AI project View certifications
SOC 2Type I & II
ISO 27001Certified
VPC BR10.20.0.0/16
SSO & access control

Principle of least privilege, applied to AI

Strong passwords aren't enough: every team member and every agent accesses only what they strictly need. Onboarding and offboarding in seconds via your corporate IdP.

Unified SSO

Integrate with your identity provider (Okta, Azure AD, Google Workspace). Employee leaves the company, access to AI and data drops instantly. Native SAML 2.0, OIDC, and SCIM.

Per-user API keys

End Shadow AI. Every developer, analyst, or agent gets a unique, traceable, revocable key. The master key stays protected in the MDA backend.

Granular RBAC

Define who can create agents, query sensitive data, or only view dashboards. The intern doesn't have the same view as the CFO. Customizable and auditable roles.

Supported identity providers

Okta Azure AD Google Workspace Auth0 OneLogin JumpCloud Keycloak SAML / OIDC custom
SAML 2.0 OIDC SCIM 2.0 MFA enforced Just-in-time provisioning
Observability · Smart alerts

Total visibility over your operation's brain

If an agent is processing critical data, you can't be in the dark. Monitor in real-time every call, every token, every MCP tool triggered — and get alerted before the incident.

Complete telemetry

Every API call, every token processed, every MCP tool triggered. You know exactly what the AI is doing — and what it tried to do and was blocked.

Anomaly alerts

Agent tried to access a table out of scope? One user's costs spiked overnight? Instant alerts via Slack, PagerDuty, or email — before it becomes an incident.

Audit & immutable logs

Full trace of who accessed what, when, and what the response was. Cryptographically signed logs exportable to your SIEM (Splunk, Datadog, Elastic). Ready for audit.

Structural policies · Guardrails

Business rules are walls — not suggestions

Compliance can't depend on model goodwill. MyDatAgent policies run via LiteLLM in real-time: if the rule is "SDR agent doesn't discuss legal", it doesn't. Period.

DLP · Data Loss Prevention

PII and IP never leak

Built-in Guardrails ensure CPF, CNPJ, health data, and intellectual property never appear in prompts or responses — output auto-redacted.

CPFCNPJCardEmail+30 entities
Topic restriction

Each agent in its lane

The SDR Agent doesn't give legal advice. The BI Agent doesn't discuss competitors. Real-time blocking via LiteLLM, with versioned and auditable policy.

BusinessBy departmentBy channelVersioned
Data sovereignty

Isolated VPC in Brazil

Your data is never used to train third-party models. Infrastructure runs in isolated VPCs 10.20.0.0/16 in Brazilian datacenters. 100% LGPD compliant.

Region · sa-east-1Encryption at restEncryption in transitTenant isolation
Security certifications

Anyone can claim security. Only we're audited.

The highest global compliance standards — so companies in highly regulated sectors (Finance, Healthcare, Legal) operate with peace of mind.

Certification Status Report access
SOC 2 · Type IAICPA · Point-in-time control design audit
 Certified Available under NDA · Enterprise plan
SOC 2 · Type IIAICPA · Continuous control audit over 12-month period
 Certified Available under NDA · Enterprise plan
ISO/IEC 27001Information security management system · international standard
 Certified Available under NDA · Enterprise plan

Compliance isn't optional. With MyDatAgent, your AI infrastructure is born within global auditor and regulator requirements — and the evidence package arrives ready for your CISO and Legal team.

Request lifecycle

Five security walls between user and model

How do we guarantee end-to-end security? Through our armored orchestration proxy. No stage is optional.

1
Identity · Authentication

User or agent makes the request

Unique API key issued via SSO. Identity validated against corporate IdP. Session expires automatically per company policy.

SSOSAML 2.0MFAAPI Key
2
AI Gateway · LiteLLM Proxy

Quotas, rate limits, and RBAC

The proxy intercepts the request. Applies per-user quotas, rate limits (TPM/RPM), and checks access policies via RBAC. If the rule denies it, blocked before filtering.

LiteLLMVirtual keysRBACQuotas BRL
3
Guardrails · DLP & Topic

Prompt and response scanning

Native Content Filter + Presidio + Lakera + Aporia run in parallel. Removes PII, blocks unauthorized topics, and prevents prompt injection before the model sees input.

PresidioLakeraAporiaMDA Filter
4
Infrastructure · Private VPC

Model processes in total isolation

SLM or LLM runs in your dedicated VPC (10.20.0.0/16) in a Brazilian datacenter. Zero leakage: data encrypted at rest and in transit, tenant isolation.

VPC sa-east-1FP8 · vLLMTenant isolationKMS
5
Observability · Audit trail

Every cycle logged immutably

Who · when · which model · which prompt · which response · which MCP tool. Signed logs, hash-chained, and exportable to SIEM. Ready for audit and investigations.

SplunkDatadogElasticS3 immutable
Strategic consulting · MDA Consulting

Regulated sector and your Compliance team is blocking the project?

The biggest barrier to AI adoption in banks, hospitals, and law firms isn't technology — it's governance. MDA Consulting bridges engineering and your CISO.

We map your regulatory requirements (LGPD, Bacen, ANS, OAB), configure policies, implement anomaly alerts, and deliver all necessary SOC 2 / ISO documentation and reports so your Legal and Security teams can green-light the project.

I want to approve my AI project View governance plan