Security & Compliance
Security and compliance for governed AI coding
MegaBrain gives security, privacy, legal, and platform teams a clear path to evaluate AI coding — with the controls and documentation your review process expects.
Compliance & contracting
- ✓SOC 2 materials available during security review
- ✓DPA and security review materials on request
- ✓Subprocessor information for legal & privacy review
- ✓Standard MSA and enterprise contracting support
Data protection
- ✓Encryption in transit and at rest
- ✓No retention of AI prompts and outputs on paid plans
- ✓BYOK and approved-provider routing options
- ✓Data-residency and dedicated proxy gateway options
Access controls
- ✓SSO / SAML and OIDC
- ✓SCIM provisioning and deprovisioning
- ✓Role-based access control (RBAC)
- ✓Provider and model allowlists by organization policy
Operations & response
- ✓Audit logs for governed rollout and investigation
- ✓Incident response and customer-notification workflows
- ✓SLA commitments and priority support
- ✓Compliance artifacts kept current for review
What buyers can validate
- ✓How code and prompts are handled (no training, no retention on paid plans)
- ✓Which providers and models your org allows, and how routes are enforced
- ✓How identity, provisioning, and access are managed (SSO/SCIM/RBAC)
- ✓What is logged for audit and how incidents are handled
Documents & next steps
Request our security review packet — SOC 2 materials, DPA, MSA, subprocessor list, data-retention policy, and an architecture overview — and we'll walk your team through evaluation.