Skip to content
Committed
ENעב
Book a call

Audit-grade by default.

Every Committed deployment ships with signed audit, redaction-before-egress, VPC isolation, and the controls our customers' regulators ask about by name.

Certifications & frameworks

What we hold, and where it applies.

SOC 2 Type II

Annual audit. Trust services criteria — security, availability, confidentiality.

ISO 27001

Information security management system, recertified yearly.

HIPAA

BAA available. Applies to all healthcare deployments.

IS 5568

Israeli accessibility standard. Enforced in CI on every patient-facing UI.

WCAG 2.1 AA

Accessibility baseline. Tested with assistive tech, not just lighthouse.

IL Landing Zone

Israeli government cloud baseline. Apollo runs here.

Controls

What ships in every deployment.

  1. ·
    Signed audit log
    Every model decision is signed and replayable. We can show you the exact prompt and response that produced any answer your customer saw.
  2. ·
    Redaction before egress
    PII is stripped before tokens leave your VPC. The model never sees what it does not need.
  3. ·
    VPC isolation
    Customer data never crosses tenant boundaries. Each deployment is its own stack.
  4. ·
    Eval-gated releases
    Regression tests block deploys. No model change reaches production without passing the harness.
  5. ·
    Incident protocol
    24/7 on-call for the first 90 days post-cutover. Documented escalation. Postmortem within 5 days.
  6. ·
    Data minimization
    We retain the smallest viable footprint. Audit logs are encrypted at rest and pruned per retention policy.
For your security team

Request our SOC 2 report, BAA, and pen-test summary.

Request via contact