Trust
Security
Boson is designed to help teams ship LLM products safely. This page summarizes our security posture and recommended practices for using Boson in production.
Encryption in transit
Traffic is protected with TLS. Use secure networking and rotate credentials regularly.
Encryption at rest
Stored data is protected at rest. Store only what you need—use redaction and truncation by default.
Access control
Use least privilege, separate environments (dev/staging/prod), and rotate project keys on a schedule.
Operational safety
Prefer eval gates and rollbacks for prompt changes. Monitor traces for errors, latency, and cost regressions.
Recommended practices
- Redact sensitive fields before emitting traces and datasets.
- Use sampling in production and keep 100% of error traces.
- Separate keys by environment and rotate on a defined cadence.
- Gate prompt/model changes with evaluations and baselines.
Vulnerability reporting
If you believe you’ve found a security issue, please contact us. We’ll respond as quickly as possible and coordinate a responsible disclosure.