Trust is not a sidebar to the product. It is part of how the product behaves.
WorkSwarm combines the procurement-facing trust surface buyers expect with the in-product controls enterprise admins actually need: auditability, residency posture, sub-processor visibility, compliance-pack effects, and deployment choice.
In-product trust proof
What enterprise admins can see and verify
Trust Center
Certification state, deployment posture, key posture, residency, and downloadable artifacts.
Audit Log
Per-tenant immutable audit chain with search, export, and event-level visibility.
Sub-processors
Which third parties touch tenant data, what they do, and what is optional.
Compliance Packs
HIPAA, PCI, DPDP, and similar packs that change product behavior instead of sitting in PDFs.
Why this page exists
A public Trust Center is necessary. It is not sufficient.
Buyers need reports, control maps, and legal templates. Admins need evidence that trust is operational in the product itself. WorkSwarm is strongest when both stories are visible together: the artifacts for procurement and the in-product surfaces for day-two governance.
Enterprise onboarding
Domain claim, SSO, SCIM, residency, and compliance activation are part of setup, not afterthoughts.
Pack-driven behavior
Activating HIPAA, PCI, DPDP, or GDPR changes retention, provider eligibility, and user-facing controls.
Operator-facing trust
Audit and trust data are visible where the team works, not buried behind support tickets.
Deployment alignment
Cloud, Private, On-Prem, and sovereign postures map to different trust and control expectations.
Audited, attested, and verifiable.
Independent assessors audit WorkSwarm against globally recognized standards. Current status and reports are shared under NDA. If a certification is in progress, the timeline is here.
| Certification | Status |
|---|---|
| SOC 2 Type I | In progress |
| SOC 2 Type II | Planned |
| ISO 27001 | In progress |
| ISO 27017 (Cloud) | In progress |
| ISO 27018 (Privacy) | In progress |
| ISO 27701 (PIMS) | Planned |
| ISO 42001 (AI) | Roadmap |
| HITRUST CSF i1 | Planned |
| HIPAA BAA | In progress |
| FedRAMP Moderate | Roadmap |
| StateRAMP | Roadmap |
| CMMC Level 2 | Roadmap |
Your data is yours. The platform is built around that fact.
Customers control where data lives, who sees it, and the keys that protect it.
You choose where data lives
Pin to India, EU, US, or sovereign clouds. Records stamped at write time; cross-region writes refused at storage layer.
You hold your own keys
BYOK through your KMS. HYOK through your HSM - WorkSwarm cannot decrypt without your operational availability.
Your audit logs, your SIEM
Splunk, Sentinel, Sumo Logic, Elastic, Datadog. Hash-chained, signed per event, Section 65B ready.
| Control |
|---|
| Encryption at rest |
| Network isolation |
| Audit log destination |
| LLM provider |
Defense in depth, by design.
No single failure exposes data. Network, identity, encryption, key custody, secure SDLC, immutable audit, AI validation, and incident response are independent layers.
| Layer | Control |
|---|---|
| Network | VPC isolation, PrivateLink, WAF, DDoS mitigation |
| Identity | SSO (SAML/OIDC), SCIM, MFA, hardware keys |
| Authorization | RBAC + ABAC, JIT elevation, default-deny |
| Data at rest | AES-256-GCM, per-tenant keys, BYOK/HYOK |
| Data in transit | TLS 1.3, mTLS internal, cert pinning |
| Data in use | Confidential computing (Nitro, CVM) |
| Key management | Cloud KMS, HSM-backed, auto rotation |
| Audit logging | Immutable, hash-chained, signed, exportable |
| App security | Threat model, SAST, DAST, SBOM, pen test, bounty |
| AI safety | Output validation, tool gating, bias eval |
| Vendor mgmt | Sub-processor review, DPA, audit rights |
| BCP / DR | RTO 4h, RPO 15m, quarterly tabletop |
Pick your regulator. We meet you there.
50+ regulations covered. Here are the ones buyers ask about most.
DPDP Act 2023
Consent management, 30-day DSR SLA, residency pinning, breach notification to DPB.
GDPR
Full DSR automation, 72-hour breach notification, ROPA auto-generation, SCCs for transfers.
HIPAA
BAA available, Privacy/Security/Breach Notification Rules, encrypted PHI, 60-day notification.
RBI Cyber Framework
IT governance, payment data localization to India, audit rights for RBI examiners.
IRDAI Guidelines
24-hour incident reporting, 7-year retention, audit logs in IRDAI format.
CERT-In Direction
6-hour incident reporting, NTP sync, 180-day log retention.
EU AI Act
High-risk use case gating, FRIA, conformity assessment, human oversight.
SOX
ICFR controls evidence, 7-year audit log retention, change management.
CCPA / CPRA
Right to know, delete, correct, opt-out. Sensitive PI limits.
ISO 42001
AI Management System certified - lifecycle documentation, risk register.
Go next
Trust only works if buyers can trace it into the rest of the system.
The Trust Center is the top-level trust surface, but buyers also need to understand the security model, the runtime compliance layer, the in-product trust surfaces, and the enterprise setup path that activates those controls.
Security
See the AI-native security posture for grounded answers, tool execution, and approval-gated actions.
Compliance Engine
See how policy, residency, consent, and retention become runtime behavior instead of static promises.
Trust in Product
See how admins inspect audit logs, pack effects, and sub-processor posture inside the operating surface.
For Enterprise
See how domain claim, SSO, SCIM, and compliance-pack activation fit into enterprise rollout.
How your data flows.
Before the sub-processor register, here is the shape of the flow, shown with the heaviest example: a bank or NBFC under RBI localization. Your most sensitive data stays inside your environment; only tokenized signals and drafts cross the encrypted tunnel.
Never leaves your side
- Account numbers, full transaction history, card PAN
- Aadhaar, PAN, CKYC documents
- Internal credit scores and limits
- Any data subject to RBI localization
Crosses, encrypted
- Anonymous case IDs (mapped to real customers only inside the bank)
- Risk scores and aggregated signals
- WorkSwarm's draft replies and recovery scripts
- Cryptographically signed audit receipts
What WorkSwarm does
- Drafts customer communications in the bank's tone
- Coordinates collections and complaint workflows
- Templates for RBI Banking Ombudsman replies
- Never sees PAN or card number. Only token IDs.
Every third party with access to your data.
New sub-processors get 30-day customer notice. You can object - and terminate without penalty if unresolved.
| Name | Purpose |
|---|---|
| AWS | Cloud infrastructure |
| GCP | Warm DR, analytics |
| Anthropic | LLM inference |
| Google (Gemini) | LLM inference |
| Twilio | SMS & voice |
| ElevenLabs | Voice synthesis |
| Stripe | Payments |
Every integration audited. Every tool invocation logged.
WorkSwarm uses MCP servers to connect your tools mid-conversation. Each integration is tiered by who built it, who reviewed it, and what data it handles.
WorkSwarm-certified
Built natively by WorkSwarm. Sub-processor reviewed, DPA signed. Deep orchestration integration with per-call audit logs.
Activepieces-backed
Powered by the Activepieces open-source engine. Customer-self-certified. Every invocation audit-logged with tenant isolation.
Custom MCP
Bring your own MCP server. Private to your tenant, deployed in your VPC. Full audit trail, zero data shared with WorkSwarm.
Security controls for all integrations
OAuth 2.0 + token vault
Credentials encrypted at rest with per-tenant keys. Tokens auto-rotated. Revoke anytime from chat or admin.
Per-call audit log
Every tool invocation logged with timestamp, caller, tool name, arguments (redacted), and response hash.
Scope-limited by default
Each MCP server gets the minimum scopes required. No broad access. Scope escalation requires explicit re-consent.
Disconnect anytime
One click to disconnect. Tokens revoked immediately. Audit trail preserved for compliance.
Take what you need to your CISO.
Click any "Available" report to read online and download as PDF.