Security & Privacy

Controls, audits, and least-privilege defaults

Security and privacy you can operationalize

Upcube is built to support safe deployment: strong access controls, scoped tooling, auditability, and privacy-minded data handling. This page outlines the controls we prioritize and the baseline we recommend for real-world use.

RBAC + audit logs · Tool allow-lists · Scoped retention · Incident playbooks · Evaluation gates

Core principles

The security posture we optimize for: practical controls, measurable checks, and reliable incident response.

Secure by design

  • Defense-in-depth across app, infra, and model integrations.
  • Threat modeling for new surfaces (agents, tools, connectors).
  • Least-privilege by default for actions and data access.

Strong access controls

  • Role-based access control (RBAC) and scoped permissions.
  • Audit logs for admin actions, config changes, and tool calls.
  • Rate limits and allow/deny lists for tool and web access.

Privacy-first handling

  • Data minimization, scoped retention, and purpose limitation.
  • Separation of concerns with tenant isolation where applicable.
  • User controls for visibility and safer defaults for sensitive topics.

Controls that matter

These are the controls you actually use in production: policy boundaries, visibility, permissions, and fast containment when something goes wrong.

Customer controls

Practical defaults you can enforce and audit.

  • Workspace / tenant policies
    Enforce allowed tools, connectors, and content boundaries.
  • Visibility controls
    Where feasible: sources, citations, and activity summaries.
  • Safer-mode toggles
    Extra friction and warnings for sensitive categories.

Monitoring & incident response

How problems are detected, triaged, and contained.

  • Telemetry + alerting
    Anomaly detection and abuse signals.
  • Triage SLAs
    Severity-based on-call and escalation paths.
  • Containment
    Scoped rollbacks, throttles, and kill-switches.
  • Postmortems
    Blameless reviews with tracked remediations.

Governance & compliance support

How risky launches are reviewed and data access is governed.

  • Security reviews
    Gated launches for risky capabilities.
  • Data governance
    Least privilege + logged elevations.
  • Compliance support
    DPA on request; aligned privacy workflows.

Recommended admin baseline

If you do nothing else, do these first.

  • Enable SSO (if available) and enforce MFA for admins.
  • Lock down tool access: start with allow-lists, expand gradually.
  • Turn on audit logs and review them during onboarding.
  • Use scoped API keys and rotate on a schedule or after incidents.
  • Set retention to the minimum that supports your workflow.
  • Create an incident channel + runbook for escalation and comms.

Operational posture

How we think about security in real deployments.

Data protection
  • Encrypt in transit and at rest where applicable.
  • Minimize stored content; limit logs to what you need.
  • Separate customer content from system telemetry.
Tooling safety
  • Explicit opt-in for tool calls and external side effects.
  • Hard boundaries for high-risk actions (payments, deletion).
  • Domain allow/deny lists for web-connected tools.
Evaluation & drift control
  • Regression suites for jailbreaks, leakage, and prompt injection.
  • Shadow launches for risky changes with monitoring gates.
  • Continuous re-evals when models, tools, or policies change.
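The workspace policy items under "Customer controls" and the three tooling-safety bullets above describe one enforcement point: a gate in front of every tool call. The following is an added example, not Upcube's code, of what that gate looks like with a tool allow-list, explicit opt-in for side effects, hard boundaries that no policy or opt-in can override, domain allow/deny lists matched against the parsed host rather than the raw URL (so `https://api.example.com@evil.net/` and `api.example.com.evil.net` are both rejected), and an audit record for every decision. The tool names, category labels, policy fields, and record format are hypothetical.

```python
"""Tool-call policy gate: tool allow-list, explicit opt-in for side effects,
hard boundaries for high-risk categories, domain allow/deny lists for
web-connected tools, and an audit record for every decision.

Added example for this page, not Upcube's code. The tool names, category
labels, policy fields and record format are hypothetical.
"""
from dataclasses import dataclass, field
from urllib.parse import urlsplit

# Categories that no workspace policy or user opt-in can re-enable (hypothetical labels).
HARD_BLOCKED = frozenset({"payments", "delete"})


@dataclass
class Policy:
    allowed_tools: frozenset          # allow-list: any other tool is denied
    side_effect_tools: frozenset      # need an explicit per-call opt-in
    allowed_domains: tuple            # matched against the parsed host, suffix-wise
    denied_domains: tuple = ()        # deny wins over allow
    audit: list = field(default_factory=list)


def host_allowed(url: str, policy: Policy) -> bool:
    """Decide on the parsed hostname, never on the raw URL string."""
    parts = urlsplit(url)
    host = parts.hostname
    if parts.scheme not in ("http", "https") or not host:
        return False
    if parts.username is not None or parts.password is not None:
        return False  # "https://api.example.com@evil.net/" parses to host evil.net

    def matches(domain: str) -> bool:
        # exact or sub-domain match; "notexample.com" must not match "example.com"
        return host == domain or host.endswith("." + domain)

    if any(matches(d) for d in policy.denied_domains):
        return False
    return any(matches(d) for d in policy.allowed_domains)


def authorize(policy, tool, args, *, category, user_opted_in=False, principal="user"):
    """Return (allowed, reason); every call leaves an audit record, allowed or not."""
    if tool not in policy.allowed_tools:
        decision = (False, "tool_not_allowlisted")
    elif category in HARD_BLOCKED:
        decision = (False, "hard_boundary")       # checked before opt-in: not overridable
    elif tool in policy.side_effect_tools and not user_opted_in:
        decision = (False, "opt_in_required")
    elif "url" in args and not host_allowed(args["url"], policy):
        decision = (False, "domain_policy")
    else:
        decision = (True, "allowed")
    policy.audit.append({
        "principal": principal,
        "tool": tool,
        "category": category,
        "arg_keys": sorted(args),                  # keys only: keep user content out of logs
        "host": urlsplit(args["url"]).hostname if "url" in args else None,
        "decision": "allow" if decision[0] else "deny",
        "reason": decision[1],
    })
    return decision


def demo_policy() -> Policy:
    """Constructed workspace policy used by the checks below."""
    return Policy(
        allowed_tools=frozenset({"web_fetch", "send_email"}),
        side_effect_tools=frozenset({"send_email"}),
        allowed_domains=("example.com",),
        denied_domains=("internal.example.com",),
    )


if __name__ == "__main__":
    p = demo_policy()
    print(authorize(p, "web_fetch", {"url": "https://api.example.com/v1"}, category="read"))
    print(authorize(p, "web_fetch", {"url": "https://api.example.com@evil.net/"}, category="read"))
    print(authorize(p, "send_email", {"to": "ops@example.com"}, category="side_effect"))
    print(authorize(p, "send_email", {"to": "ops@example.com"}, category="payments", user_opted_in=True))
    print(p.audit[-1])
```

Two design choices carry the security weight: the hard-boundary check runs before the opt-in check, so a user clicking "allow" cannot reach a payment or deletion action; and the audit record stores argument keys and the parsed host rather than full arguments, which keeps prompts and fetched content out of the log while still leaving enough to reconstruct what was attempted.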

FAQ

Do you train on my content?

Upcube is designed to support privacy-preserving operation. For enterprise use, we aim for clear controls around retention, access, and isolation. If you need a specific data-handling posture, including whether your content may be used for training, treat it as a contract requirement and validate it in evaluation.

What happens when something goes wrong?

We treat incidents like engineering problems: detect → triage → contain → remediate → learn. We prioritize fast containment (rate limits, scoped disables) and then publish tracked fixes and evaluation updates.

How do you handle tool-call risk?

Tool calls are gated by policy, permissions, and scope. We recommend least-privilege defaults, explicit opt-in for side effects, and audit logs for every external action path.

Report an issue / contact

Security contact

For vulnerabilities or urgent reports, include reproduction steps and impact.

New York, NY 10005 · USA
Include: affected pages/endpoints, timestamps, example inputs, logs (if safe), and the expected vs. observed behavior. If you have a suggested fix, attach it.


If you need enterprise controls (SSO, audit exports, custom retention), treat them as requirements and validate them during onboarding.