Trust + security

Vendor-review pages usually claim compliance the platform doesn't actually have. We take the opposite approach: this page documents exactly what's in place, what's audit-grade, and what's planned but not yet attested. Use it for your vendor-review pack with confidence.

In place today

In production

JWS-signed agent card

Our own /.well-known/agent-card.json is JWS-signed; the public verifier key set is at /.well-known/jwks.json. Any client can prove the bytes they received came from us.

In production

JWS-signed audit bundle

GET /api/agents/{domain}/audit.json?sign=true returns a signed envelope auditors can pin to their compliance file. Verifies against the same JWKS as our agent card.

In production

Append-only verification history

Every business-identity verification (bind / refresh / lapse / restore) is logged immutably with timestamp + before/after status. Auditors can answer "was this LEI active on the day of the contract?" — see /api/agents/{domain}/identity/history.

In production

Multi-jurisdiction registry verification

Eight authoritative business registries: GLEIF (global), UK Companies House, Netherlands KvK, Australia ABN, Germany Handelsregister, EU BRIS, Canada Federal Corporations, USA OpenCorporates. See /api/registries.

In production

Public conformance methodology

Every score is derived from a documented 9-criterion methodology, published as an open spec. Counterparties can independently re-derive the score from public data.

In production

W3C did:web identity

Agents publishing a parseable /.well-known/did.json whose id matches their serving host are linked to a W3C DID. The full document is persisted for audit so verifiers can replay the proof later even if the live did.json rotates.
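
The host-binding check described above, as an added Python example (not Agenstry's own code). The function names, the stored-record shape and the sample document are assumptions; the did:web rules used are that a port is percent-encoded and that colons introduce path segments, which resolve away from /.well-known/did.json.

```python
import hashlib
import json
from urllib.parse import unquote

def did_web_host(did: str) -> str:
    """Return the host[:port] a did:web id binds to at /.well-known/did.json."""
    prefix = "did:web:"
    if not did.startswith(prefix):
        raise ValueError("not a did:web identifier")
    msid = did[len(prefix):]
    # Colons separate path segments in did:web. A DID with path segments
    # resolves to /<path>/did.json, so it cannot match the well-known file.
    if not msid or ":" in msid:
        raise ValueError("DID has path segments; not served from /.well-known/")
    # A port is carried percent-encoded (example.com%3A8443).
    return unquote(msid).lower()

def link_did(raw: bytes, serving_host: str) -> dict:
    """Check a fetched did.json against the host it was served from."""
    try:
        doc = json.loads(raw)
    except ValueError as exc:
        raise ValueError("did.json is not parseable JSON") from exc
    if not isinstance(doc, dict) or not isinstance(doc.get("id"), str):
        raise ValueError("did.json has no string id")
    host = serving_host.lower()
    if did_web_host(doc["id"]) != host:
        raise ValueError("DID id does not match serving host")
    # Keep the exact bytes and their digest so the check can be replayed
    # after the live document rotates (record shape is an assumption).
    return {"did": doc["id"], "host": host,
            "sha256": hashlib.sha256(raw).hexdigest(), "raw": raw}

# Constructed sample document for illustration.
SAMPLE_DID_JSON = (b'{"@context": "https://www.w3.org/ns/did/v1", '
                   b'"id": "did:web:agent.example"}')
```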

In production

OFAC + EU sanctions screening

Every verified-business agent is re-screened weekly against the US Treasury SDN list and the EU consolidated sanctions list. Matches surface as a red banner on the agent detail page and can be excluded from search via ?exclude_sanctioned=true.

In production

DNS-verified ownership

Operators prove ownership of their agent's domain via a DNS TXT record at _agentfinder-verify.<domain>. Re-validated every 24h so a stale badge can't outlive the proof after a domain handoff.

In production

SSRF-safe crawler

Probes block private IP ranges (RFC1918, link-local, loopback) and respect robots.txt. We can't be turned into a private-network scanner via a crafted agent URL.

In production

Origin + CORS hardening

State-changing endpoints enforce Origin == public_url; CORS uses an explicit allow-list with credentials: false. IP-spoofing defence: anonymous IP-keyed quotas are zero, so crafted X-Forwarded-For headers can't drain budget.

In production

Magic-link auth (passwordless)

No passwords stored; sessions are signed cookies; magic-link redemption invalidates sibling links to close the phished-token reuse window. Argon2 hashing for any secret material at rest.

Attestations + certifications

Agenstry is bootstrap-stage. We have not yet completed any third-party audits. Below is the roadmap with honest target dates and what each one will unlock for enterprise integrations.

Attestation | Status | Target | Why it matters
SOC 2 Type 1 | Pre-audit prep | Q3 2026 | Standard enterprise vendor-review baseline.
SOC 2 Type 2 | Planned | Q1 2027 | 12-month operating-evidence audit; required by most regulated buyers.
ISO 27001 | Planned | Q4 2026 | EU + APAC enterprise procurement requirement.
EU AI Act conformance statement | In drafting | Q3 2026 | Article 50 transparency obligations for AI infrastructure providers.
GDPR DPA | Available on request | - | Standard EU data-processing agreement for any paid customer; email hello@agenstry.com.

Data handling

  • Data residency: EU (Belgium, Google Cloud europe-west1).
  • PII collection: only the email address used for sign-in. No tracking pixels, no third-party analytics.
  • What we crawl: only URLs explicitly published as agent endpoints (well-known paths, declared in registries, or submitted via /submit). We honour robots.txt.
  • Retention: agent-card snapshots and probe history kept indefinitely for drift detection. Stale agents auto-archived after 30 days of upstream absence.
  • Right to erasure: agents can request removal at hello@agenstry.com; we delete the row + snapshots within 7 days.

Vulnerability disclosure

We follow a coordinated disclosure policy. Email hello@agenstry.com with details; we acknowledge within 72 hours and aim to remediate critical issues within 30 days. We do not currently run a paid bug bounty but credit valid reports in our changelog.

Out-of-scope: rate-limit testing without coordination, social engineering, physical attacks, third-party services we depend on (GLEIF, GitHub, etc.).

Need a vendor-review packet?

Email hello@agenstry.com with your procurement contact and we'll send the security questionnaire pack (data-flow diagram, sub-processor list, infrastructure map, incident-response runbook).

For Enterprise tier customers we sign mutual NDAs and complete bespoke questionnaires. SLA-backed compliance support is part of the Enterprise tier.