Security
Defense-in-depth across infrastructure, application, and data layers. Product security reviews and threat modeling gate every release.
EmpowerNow is a product line of EmpowerID and inherits the compliance program, infrastructure controls, and operational practices of the parent platform — independently audited by Prescient Security.
Security Architecture
Three-Zone Credential Isolation
ARIA enforces a strict three-zone architecture where OAuth tokens never leave the server-side vault. This is not a configuration choice — it is an architectural constraint enforced at every layer.
Session cookies only. No tokens, no secrets, no credential material in client-side JavaScript context. XSS cannot extract what does not exist.
Backend-for-Frontend proxies requests with authorization context. Receives data responses, never raw tokens. Token references only.
Tokens stored, used, and rotated server-side. The vault makes the API call on behalf of the requestor and returns only data. Tokens are never returned to callers.
Cryptographic Tool Integrity
Every approved MCP tool schema is cryptographically signed as a Pin JWS containing: tool identity, schema hash, operation class, egress allowlist, publisher key, and grace period.
At invocation, the ARIA Gateway verifies the pin against the live tool schema. Exact match or previous-version-within-grace-period: proceed. Anything else: fail-closed. Schema changes produce a tamper-evident receipt, creating an audit trail of modification attempts.
Tamper-Evident Receipt Chains
Every authorization decision produces an RS256-signed JWS receipt containing the decision ID, policy hash, delegation context, budget state, and outcome. Receipts are hash-chained per agent — each receipt includes the hash of the previous receipt, making retroactive tampering detectable.
Receipt chains provide the evidence trail that auditors require: not mutable log entries, but cryptographically linked, independently verifiable records of every agent action.
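The hash-linking described above can be checked with a short verifier. This is an added example, not EmpowerNow's or ARIA's code: the `prev_hash` field name, the all-zero genesis value, the canonical JSON encoding and the sample receipts are assumptions, and RS256 signature verification of each receipt is assumed to happen separately.

```python
import hashlib
import json

GENESIS = "0" * 64  # assumed prev_hash for an agent's first receipt

def receipt_hash(receipt):
    """SHA-256 over canonical JSON (sorted keys, no whitespace)."""
    canonical = json.dumps(receipt, sort_keys=True, separators=(",", ":"))
    return hashlib.sha256(canonical.encode("utf-8")).hexdigest()

def append_receipt(chain, payload):
    """Append a receipt that carries the hash of the previous receipt."""
    prev = receipt_hash(chain[-1]) if chain else GENESIS
    chain.append({**payload, "prev_hash": prev})
    return chain[-1]

def verify_chain(chain, expected_head=None):
    """Return (ok, index). index is the first receipt whose prev_hash does not
    match its predecessor; len(chain) means the head anchor did not match.
    expected_head is the newest receipt's hash, stored outside the chain:
    without it, an edit to the last receipt or a truncated tail goes unseen."""
    prev = GENESIS
    for i, receipt in enumerate(chain):
        if receipt.get("prev_hash") != prev:
            return False, i
        prev = receipt_hash(receipt)
    if expected_head is not None and prev != expected_head:
        return False, len(chain)
    return True, None

def build_sample_chain():
    """Constructed sample: three receipts for one agent."""
    chain = []
    for n, outcome in enumerate(["permit", "permit", "deny"], start=1):
        append_receipt(chain, {
            "decision_id": f"d-{n}",                   # constructed value
            "policy_hash": "placeholder-policy-hash",  # placeholder
            "outcome": outcome,
        })
    return chain, receipt_hash(chain[-1])

if __name__ == "__main__":
    chain, head = build_sample_chain()
    print(verify_chain(chain, head))   # intact chain
    chain[1]["outcome"] = "deny"       # retroactive edit to a middle receipt
    print(verify_chain(chain, head))   # break surfaces at the next receipt
```

An edit to receipt *i* is reported at receipt *i+1*, because that is where the stored `prev_hash` stops matching; the newest receipt has no successor, so its integrity depends on the externally held head hash.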
Egress Control
Each tool pin includes an approved egress allowlist. The Gateway blocks calls to unapproved network targets and rejects connections to private IP ranges. If a tool update changes the egress target, the pin mismatch triggers fail-closed verification — preventing supply-chain drift from redirecting agent traffic.
Threat Framework Coverage
OWASP LLM Top-10
ARIA maps controls to 8 of 10 OWASP LLM risks. The remaining two (Training Data Poisoning, Model Theft) are model provider responsibilities.
MITRE ATLAS
Defenses mapped across 5 adversarial ML tactics: resource hijacking, model access, evasion, exfiltration, and impact/abuse.
Threat-to-Control Reference
Secure Development Lifecycle
Threat Modeling
Every feature undergoes threat modeling before development begins. Security reviews gate releases.
Dependency Management
Automated dependency scanning, vulnerability alerts, and supply-chain verification for all production dependencies.
Responsible Disclosure
Security researchers can report vulnerabilities to security@empowernow.com. We acknowledge reports within 48 hours.
Security questions?
Request a security architecture review or ask about our compliance program, penetration testing, or incident response practices.