Security
Security is enforced through boundaries, not just policy text.
Neuralbase is currently operated as a pragmatic production platform: a single VM with explicit limits, private infrastructure components, and isolation at the collection, key, and workspace boundaries.
Current controls
What is in place today.
This is the current operational posture, not a generic promise deck. It reflects how the platform is actually wired today.
| Area | Current control |
|---|---|
| Access control | Dashboard access uses signed sessions. Runtime access uses scoped API keys. Quota enforcement runs after auth so the platform limits attach to the right account. |
| Data isolation | Vector data is stored in per-user Qdrant collections rather than one shared tenant collection. Organization membership and key scope continue to gate workspace actions. |
| Storage and recovery | All plans use persistent storage. Paid plans receive daily snapshots with 30-day retention. Restore handling is manual and operationally controlled. |
| Abuse protection | Redis-backed rate limits, plan quotas, and request metering are used to protect a single-VM deployment from burst abuse and runaway usage. |
| Lifecycle controls | Deleting memories or documents removes the live record from the active service path, though retained backups may persist until their retention window expires. |