Security & Privacy: Data Safety First

At Sire, security is not an afterthought. It is a core design principle. As a workflow engine that handles sensitive credentials, business logic, and API data, we have built multiple layers of protection to ensure your organization's data remains safe and isolated.

1. Multi-Tenant Isolation

Sire is multi-tenant by default. Every single database query, API call, and internal engine operation is scoped by a unique Tenant ID.

• Zero Leakage: Users in one organization can never see or access workflows, executions, or credentials belonging to another organization.
• Scoped Results: Even when the AI searches its Semantic Memory, it is restricted to the current tenant's vector space.

2. Secure Credential Management

Your credentials (API keys, connection strings, etc.) are the "keys to the kingdom." Sire treats them with the highest level of security.

• AES-GCM Encryption: All secrets are encrypted at rest using industry-standard AES-256-GCM.
• No Plaintext: Secrets are never stored in plaintext in our database.
• API Masking: When you view a credential in Mission Control, the secret value is never returned to the browser. You only see metadata (name, service type, last updated).

• Master Key: Encryption is managed by a per-environment master password that is never stored alongside the database.

3. Role-Based Access Control (RBAC)

Not everyone in your organization needs the same level of access. Sire's RBAC system lets you define who can do what:

• Owner: Full control over the tenant, including billing, team management, and all workflows.
• Editor: Can create, edit, and delete workflows; manage credentials; and run executions.
• Viewer: Read-only access to workflows and execution history. Perfect for compliance or monitoring.

4. File Sandboxing

When your workflows use the sire:local/file tools, they operate within a strict Sandbox.

• Root Isolation: All file operations are restricted to a specific base directory.
• Path Validation: Every file path is validated before any operation. If a workflow attempts to "escape" the sandbox (e.g., ../../etc/passwd), the engine immediately blocks the call and fails the step.

5. Rate Limiting and Budgets

To prevent "runaway" costs or unintentional API abuse, Sire includes built-in limits:

• Step Budget: Every execution can be limited to a maximum number of steps (e.g., 50) to prevent infinite loops in AI-generated graphs.
• Token Metering: We track and limit LLM token usage per tenant, ensuring that your AI costs remain predictable.
• API Rate Limiting: We enforce per-IP rate limits on our own API to prevent brute-force attacks or accidental DDoS from scripts.

6. Audit Logging

Every significant action in Sire is logged for auditing and compliance:

• User Actions: See who created a workflow, who updated a credential, and who triggered an execution.
• Execution Logs: Every step's inputs, outputs, and status are recorded with sub-millisecond precision.
• Admin Audit: Our internal administrators have their own audit log, ensuring that even our own team is held to the highest standards of transparency.

Our Commitment to Your Data

• We do not train our core models on your private data. Your workflows and results are yours alone.
• Encryption in Transit: All communication between your browser and Sire is encrypted using TLS 1.3.
• Regular Audits: We perform regular internal security audits and dependency scans to ensure our codebase remains robust.