Security
echology, Inc. | March 2026
Local-First Architecture
Echology's processing pipeline runs entirely on your infrastructure. There is no multi-tenant cloud environment. There is no shared database. Document ingestion, classification, embedding, and retrieval execute on hardware under your physical control.
This eliminates entire categories of cloud security risk: no cross-tenant data leakage, no third-party cloud provider access, no data in transit across the public internet during processing.
Security Controls
- Network security. All services bind to localhost by default. External access requires explicit configuration. All external-facing endpoints served over HTTPS with TLS 1.2+.
- Security headers. Content-Security-Policy, X-Content-Type-Options, X-Frame-Options, Referrer-Policy on all responses.
- Authentication. PBKDF2-HMAC-SHA256 password hashing (600,000 iterations). Per-IP and per-email rate limiting. Session-based access with 7-day TTL.
- Input validation. Request size limits on all endpoints. File upload limits (50MB per file, 20 files per upload). Null byte and symlink protection. Parameter clamping.
- Minimal dependencies. Core classification library (Decompose) has zero runtime dependencies beyond the Python standard library. No outbound network calls during processing. LLM inference runs locally via Ollama.
Data Handling
- In transit. For on-premise deployments, client data does not traverse any network outside your infrastructure. No telemetry, no usage reporting, no data exfiltration path.
- At rest. SQLite databases on local filesystem. Vector embeddings in local Qdrant instance. All secrets stored in environment variables, excluded from version control.
- Isolation. Each client engagement operates as a fully isolated instance. No shared infrastructure between clients. Compound unique constraints prevent cross-deployment data leakage at the database level.
Subprocessors
Echology uses no third-party subprocessors for data processing. LLM inference runs on local hardware via Ollama. Classification is fully deterministic and runs in-process. There is no OpenAI, no AWS, no external API in the processing path.
Audit Trail
Every action in the system is recorded with timestamp, actor, action type, and cryptographic hashes. Our Aletheia verification engine produces an immutable, tamper-evident audit chain. If any entry is modified after the fact, the chain verification fails.
SOC 2 Roadmap
| Milestone | Target |
|---|---|
| All policies formalized | Q2 2026 |
| Penetration test completed | Q3 2026 |
| SOC 2 Type I audit | Q4 2026 |
| SOC 2 Type II report issued | Q3 2027 |
For security inquiries or vulnerability reports: hello@echology.io
This document describes echology's security posture as of March 2026.