v2026.04
Read release notes
exAI Agentic OSexAI
Join the waitlist
§ 01 / 06
Trust Center · live postureStatus · incidents · sub-processorsFor CISOs, security architects, procurement.
Posture green · last verified 04:11 UTC
exAI Agentic OS · Trust Center

Trust as a live posture,
not a PDF.

This page is the operator memory: the current month's posture, the last quarter's incidents, and the next audit dates — kept fresh by the same control plane your auditors will read.

Status feed, incident history, vulnerability disclosure policy, sub-processor list, and the personnel-access controls that decide who at exAI can ever touch your data. Numbers are real. Dates are current. Subscribe and the next advisory lands in your inbox before the patch ships.

Subscribe to security advisoriesReport a vulnerability
Status feed · liveCoordinated disclosurePublic sub-processor listSIEM-replicated personnel access
Posture · live · v2026.05
probe #04183
Uptime · YTD
0.000%
rolling 12-mo · 4.83 min downtime
P1 incidents · 90d
0
last P1 · Aug 2025 · 23min MTTR
Vulns disclosed · YTD
0
0 critical · 2 high · 8 mid · 4 low
Median triage · P0/P1
0h
p95 9h · 24×7 SOC · 6 SREs
next external audit · Jul 2026● ready
Fig. 01 · live trust signalsStreamed from control plane
§ 02 / 06
System status · live

Six surfaces.
One honest board.

The same probes that page our SREs power this board. We do not edit the green. Degraded surfaces stay yellow until the postmortem closes — not until the marketing team feels comfortable.

Workspace
Firecracker microVMs · 4 regions
operational
0.000%
Feb 02, 2026 · prebuild cache
Composer
router · plan-diff-apply · streaming
operational
0.000%
Apr 14, 2026 · router timeout
Builder
scaffolding · preview · deploy
operational
0.000%
no incident · last 180 days
Orchestrator
long-running runs · checkpoint store
degraded
0.000%
investigating · ap-southeast-1
API
v1 · /runs · /workspaces · /audit
operational
0.000%
Mar 22, 2026 · SCIM webhook
Webhook bus
outbound · 14 sinks · SIEM relay
operational
0.000%
Mar 22, 2026 · SCIM delivery
Status feed · status.exai.dev · RSS available
1s probe cadence3 external monitorsauto-paged on yellow
Subscribe via RSSWebhook · status.exai.dev →
§ 03 / 06
Incident history

Last quarter, in
receipts.

Every incident with customer-facing impact lands here within 72 hours of resolution. Postmortems are public, not paywalled. We name root causes, not symptoms; we name dates, not weeks-ago handwaving.

P3Apr 14, 2026

Composer router timeout in eu-west-1

Root cause · Upstream model provider failure cascaded to router queue.

MTTR
0m
Affected scope
2.4% of requests · eu-west-1 · 18 minutes
P2Mar 22, 2026

SCIM webhook delivery delayed

Root cause · Queue backpressure from a single tenant’s burst sync.

MTTR
0m
Affected scope
1 tenant · webhook bus · catch-up replayed clean
P3Feb 02, 2026

Prebuild cache eviction in us-east-1

Root cause · Disk pressure on cache tier · LRU eviction window opened.

MTTR
0m
Affected scope
0.6% of workspaces · cold-build fallback worked
P3Jan 16, 2026

Audit log Splunk lag

Root cause · Downstream Splunk HEC backpressure · streaming-only path.

MTTR
0m
Affected scope
Streaming-only tenants · Iceberg WORM unaffected
4 incidents · 90 days · 0 customer-data exposurePostmortem within 72h · publicSLA credits applied automatically
Full incident archive
§ 04 / 06
Vulnerability disclosure

Coordinated.
Paid. Public.

Researchers are partners, not threats. We operate a published disclosure program with tiered bounties, safe-harbor language aligned with industry norms, and a public CVE history that names every issue we shipped a fix for.

exAI runs a coordinated-disclosure program. Researchers who report in good faith receive safe harbor under our policy: no legal action, no contract enforcement, no platform throttling. We acknowledge inside one business day, scope inside three, and patch inside the agreed disclosure window — typically 90 days, faster for in-the-wild issues.

The full policy, scope boundaries, and out-of-scope list are published at security.exai.dev/disclosure. Reports go to security@exai.dev encrypted under the PGP key below — or via HackerOne for researchers who prefer that channel.

  • 90-day disclosure window
    Coordinated disclosure timeline aligned with industry norms. We commit to a fix or a documented mitigation before public disclosure.
  • Bounty tiers · $50k → $500
    Critical · $50,000. High · $25,000. Medium · $5,000. Low · $500. Paid on verified report; no NDA required.
  • Hall of fame · 41 researchers
    Public credit on first valid report. Researchers retain the right to publish their findings after the disclosure window closes.
  • PGP · F4D2 8C19 7A3B 11E0
    security@exai.dev · key-id F4D2 8C19 7A3B 11E0 · key.exai.dev/security.asc · rotated annually.
PGP key · F4D2 8C19 7A3B 11E0Report a vuln
cve · most recent · public
14 YTD
  • CVE-2026-04812Mediumcomposer/router-policy2026-04-02 · fixed v2026.04.1
  • CVE-2026-03991Highworkspace/firecracker-bridge2026-03-15 · fixed v2026.03.2
  • CVE-2026-02788Mediumapi/scim-webhook2026-02-21 · fixed v2026.02.3
  • CVE-2026-01433Lowbuilder/preview-proxy2026-01-09 · fixed v2026.01.1
  • CVE-2025-12044Highorchestrator/checkpoint-store2025-12-19 · fixed v2025.12.4
  • CVE-2025-11876Mediumaudit/iceberg-relay2025-11-30 · fixed v2025.11.2
schema · ID · severity · component · disclosed · fixed● live
Fig. 02 · last six CVEscve.exai.dev · JSON feed
§ 05 / 06
Access · Sub-processors

Who can touch it.
Where it lives.

The full vendor list, the purpose, the region, and the DPA status. Plus the four personnel groups at exAI that can ever hold a token against your tenant — and the audit replication that makes every one of their actions visible to you.

sub-processors · 5 of 12 shown
DPAs · 12 / 12 on file
Anthropic
Model inference · Claude family
US
Yes
Apr 02, 2026
OpenAI
Model inference · GPT family
US
Yes
Mar 19, 2026
Google AI
Model inference · Gemini family
US / EU
Yes
Mar 11, 2026
AWS
Compute + storage · region-pinned
Region-pinned
Yes
Feb 27, 2026
Datadog
Logs + APM · customer SIEM relay
US / EU
Yes
Feb 04, 2026
Full sub-processor list →30-day notice on additions · subscriber feed
personnel · access classes
● 4 / 4 enforced
  • Engineeringbreak-glass only · 2-person rule

    No standing access. Break-glass requires a paged ticket, a second engineer’s approval, and writes a customer-visible audit event in real time.

  • Supportscoped per-ticket · auto-revoke 24h

    Scoped to the ticket’s tenant and the ticket’s minimum data class. Tokens auto-revoke 24h from grant or on ticket close — whichever is sooner.

  • ML researcherszero-access to tenant data

    ML researchers have no production access. Training corpora are synthetic or licensed. No customer prompts, no customer outputs, ever, on any tier.

  • Operationsaudit-replicated to your SIEM

    Every operations action — config push, schema migration, KMS rotation — replicates to your SIEM in under one second with the original actor identity.

quarterly access review · external auditor● green
Fig. 03 · personnel surfacepolicy.bundle v2026.05
§ 06 / 06
Subscribe · briefing · receipts

We keep the receipts.
So your auditors are kept happy.

Subscribe to security advisories and you will hear about the next CVE before the patch ships. Request a briefing and a Fortune-100-grade compliance package — controls matrix, pen test summary, latest audit response — lands in your secure inbox under NDA inside one business day.

Subscribe to advisoriesRequest enterprise briefing
SOC 2 Type IIISO 27001HIPAAPCI DSS 4.0GDPR · DPF
Trust Center · v2026.05Last verified 04:11 UTCsecurity@exai.dev · PGP F4D2 8C19 7A3B 11E0