Security and Data Handling
Our approach to data protection, compliance alignment, and operational security.
Public Form Data
All form submissions are transmitted over TLS-encrypted connections. Form data is processed by Netlify and stored in accordance with Netlify's data processing agreement. No form data is shared with third parties. Contact information is used solely for responding to inquiries.
NDA Process
Technical artifacts, validation data, and detailed research findings are available under mutual NDA. Typical turnaround for NDA execution is 48-72 hours. Request an NDA packet through our contact form by selecting “Request NDA Packet” as the engagement type.
Data Retention
We retain business correspondence and contact information for the duration of the business relationship. No personal data is collected beyond what is voluntarily provided through our contact form. We do not use tracking cookies or third-party analytics.
Architecture Security Posture
AriaOS operates offline-first by design. Data never leaves operator infrastructure during normal operation. All inference, governance, and audit functions execute locally.
- Full audit trail for all agent decisions and actions
- Pre-inference compliance enforcement
- No telemetry or phone-home capabilities
- Cryptographic validation for model updates
- Air-gap compatible by default
Compliance Alignment
NIST 800-171 Aligned
Security controls aligned with NIST SP 800-171 for protecting controlled unclassified information. Implementation documentation available under NDA.
ITAR-Aware
International Traffic in Arms Regulations awareness integrated into data handling procedures. All personnel are U.S. persons. No foreign national access to controlled technical data.
CUI Handling
Procedures established for handling Controlled Unclassified Information. Appropriate marking, storage, and transmission protocols in place.
What We Do Not Have
In the interest of transparency, the following certifications and authorizations are not currently held:
- FedRAMP Authorization
- CMMC Certification
- Impact Level (IL) Authorization
- SOC 2 Type II
These are documented honestly. We do not overclaim compliance posture. If your engagement requires any of these certifications, we will discuss feasibility and timeline during initial consultation.
Vulnerability Disclosure
If you discover a security vulnerability in any ResilientMind AI system or website, please report it through our contact form. Select “General Inquiry” as the engagement type and include “Security Disclosure” in the subject of your message. We take all reports seriously and will respond within 48 hours.