Security Architecture
Witboost is designed with a defense-in-depth security model. As a control-plane platform, it operates exclusively on metadata and governance artifacts — never on your actual data.
Platform Architecture
Witboost is a container-based microservices platform deployed on Kubernetes. It consists of four main modules:
1. Control Plane
Provides services for creating and deploying data products, AI agents, and other system components through the UI or REST API. Includes:
- Template engine and scaffolding
- Computational governance engine
- Policy engine that evaluates governance rules at deploy time, runtime, or on schedule
2. Marketplace
Manages access to system metadata, provides a searchable catalog, and handles output port access requests. This is the consumer-facing interface of the platform.
3. Witboost Extensions (Tech Adapters)
Independent microservices that translate platform commands into technology-specific operations (e.g., creating a Snowflake schema, deploying a Databricks job). Tech Adapters run within the customer's environment.
4. Builder (CI/CD Integration)
Orchestrates the deployment pipeline, integrating with the customer's existing CI/CD system (GitLab, Jenkins, Azure DevOps, GitHub Actions).
Security Control Framework
Witboost implements a comprehensive security control framework:
| Control Area | Implementation |
|---|---|
| Network Security | All components communicate over TLS 1.2+. No direct internet-facing access required. |
| Identity & Authentication | Delegated to customer's IdP via OAuth2/OIDC. MFA policies controlled by customer. |
| Authorization | Role-Based Access Control (RBAC) with least-privilege principle. |
| Secrets Management | Integration with HashiCorp Vault or Kubernetes Secrets with encryption at rest. |
| Data Segmentation | Complete separation of customer data. Multi-tenant isolation at infrastructure level. |
| Secure SDLC | Security integrated throughout the software development lifecycle. |
| Environment Separation | Separate development, test, and production environments. |
No Standing Access
In the standard deployment model, Agile Lab does not have standing or persistent access to the Witboost platform deployed in the customer environment. The platform runs entirely within the customer's own infrastructure, and Agile Lab is not required to connect to it for the platform to operate.
Access may only occur during explicitly defined professional services engagements (implementation, onboarding, configuration). In all cases:
- Access is initiated by the customer and does not occur automatically
- Sessions are time-bound with configurable timeout (default: 30 minutes)
- All access is logged and auditable with tamper-evident audit trails
- Access is restricted to EU/EEA-based personnel only
Network Isolation
Witboost supports full network isolation:
- No phone-home or telemetry — Witboost does not send usage data, analytics, or diagnostics to Agile Lab
- No mandatory outbound connections — The platform can operate in a fully air-gapped environment
- VPN/Bastion only — When Agile Lab personnel require access, they connect only via customer-provided secure channels
The only potential outbound connections are:
- Container registry (during upgrades) — can be mirrored internally for air-gapped deployments
- AI features (optional, disabled by default) — routed to the customer's own Azure OpenAI or equivalent service
Sub-Vendor Security
Agile Lab evaluates and verifies sub-vendors' security compliance. All sub-processors are bound by Data Processing Agreements imposing equivalent security obligations.
Penetration Testing
Witboost undergoes regular third-party penetration testing. Results and remediation reports are available upon request under NDA.
For detailed security documentation, visit the Agile Lab Security Handbook.