Security controls

Security-conscious controls built into PIILOT’s current architecture.

PIILOT is designed around SOC 2 and ISO 27001-aligned controls. This page describes the security posture and design direction; it is not a claim of certification unless PIILOT separately publishes an audit report or certification statement.

The current architecture includes account-scoped data access, secure authentication patterns, integration status tracking, request-origin checks, rate limiting, and approval-aware automation design.

Current controls reflected in the product

  • Passwords are stored as hashes, not plain text.
  • Session tokens are hashed server-side and delivered through a secure HTTP-only session cookie.
  • Session cookies use Secure and SameSite=Lax attributes.
  • Write requests use same-origin checks.
  • Authentication and workflow planning endpoints apply rate limits.
  • Workflow and integration records are scoped by account id.
  • Connector actions are modeled with contracts, required fields, safety notes, and setup statuses.
  • MCP clients use bearer tokens, scopes, status tracking, and revocation.

Security layers

```mermaid
flowchart TD
  A[User session] --> B[HTTP-only secure cookie]
  B --> C[Hashed server session]
  C --> D[Account-scoped database queries]
  D --> E[Workflow and integration records]
  F[Write request] --> G[Same-origin guard]
  H[High-volume action] --> I[Rate limit]
  J[External agent] --> K[MCP bearer token and scopes]
```

Compliance wording

Use “SOC 2 and ISO 27001-aligned controls” unless and until PIILOT has completed the relevant audit or certification process.