Gateway defense in depth
The Vaikora gateway runs in a hardened container with minimal attack surface. TLS 1.3 termination, mTLS upstream, signed policy bundles, sandboxed module execution. The reference implementation is MIT-licensed and auditable in full.
Cryptographic audit chain
Every enforcement decision is hashed (SHA-256) and chained to the previous decision. Verifiable end-to-end by replaying the chain. Auditors can detect any insertion, modification, or deletion without trusting the vendor.
Tenant isolation
Single-tenant deployments are available on the Control Plane for customers requiring physical isolation. Multi-region failover for the audit chain is on the 2026 H2 roadmap.
Vulnerability disclosure
Coordinated disclosure via security@data443.com. Critical fixes target same-day patches; the open-source gateway is patched on the public GitHub release cadence.