Trust & Security
A security product is a trust product.
You're inviting an auditor into your most sensitive code. Here is exactly how that relationship is protected: by architecture, not by promises.
Air-gap first, not air-gap eventually.
The appliance was designed for the disconnected case from day one: on-premises install, zero telemetry, FIPS 140-3 cryptography, IL5/CMMC support. If your threat model says "nothing crosses the boundary," Bodhi agrees with your threat model.
Signed, attested, post-quantum ready.
Every release is cryptographically signed and every install attests what it runs, with post-quantum signatures alongside classical ones, so the chain of custody survives the next decade of cryptanalysis, not just the current one.
Coordinated disclosure, in writing.
We publish a security policy under RFC 9116, we credit researchers, and we commit to remediation before public disclosure. If you find something, security@bodhi.security reaches humans who have triaged real CVEs.
Data minimalism, even in the cloud beta.
The waitlist is an email address. This site sets no cookies, runs no trackers, and loads not a single third-party script. Every byte it serves originates from this domain. Audit it; it's the smallest attack surface we could ship.
This very website, as evidence.
- Strict Content-Security-Policy. Only same-origin scripts can ever execute here; inline injection is dead on arrival.
- HSTS with preload. Browsers refuse to speak to us over anything but TLS, on every visit including the first.
- Clickjacking and MIME-sniffing disabled. Frame embedding denied, content types enforced, referrers stripped to origin.
- Zero third-party dependencies. Fonts embedded, scripts first-party, no CDNs to compromise. A supply chain of one.
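The four bullets above amount to a concrete response-header policy. As an added example (not code from the Bodhi site), the following checker audits a captured set of HTTP response headers against that policy; the header names and values are real ones, and both sample responses are constructed.

```python
# Added example (not code from the Bodhi site): check a captured set of HTTP
# response headers against the policy described above. Header names and values
# are real; the two sample responses at the bottom are constructed.
def audit_headers(headers):
    # Returns a list of findings; an empty list means the response meets the policy.
    h = {k.lower(): v for k, v in headers.items()}
    findings = []

    # 1. CSP: scripts only from the same origin. script-src falls back to default-src.
    csp = {}
    for part in h.get("content-security-policy", "").split(";"):
        tokens = part.split()
        if tokens:
            csp[tokens[0].lower()] = tokens[1:]
    script_src = csp.get("script-src", csp.get("default-src"))
    if script_src is None:
        findings.append("CSP: missing script-src/default-src")
    elif set(script_src) != {"'self'"}:
        findings.append(f"CSP: script sources {script_src}, expected only 'self'")

    # 2. HSTS with preload: the preload list needs max-age >= 1 year plus both tokens.
    hsts = [t.strip().lower() for t in h.get("strict-transport-security", "").split(";")]
    max_age = next((int(t[8:]) for t in hsts if t.startswith("max-age=")), 0)
    if max_age < 31536000 or "includesubdomains" not in hsts or "preload" not in hsts:
        findings.append("HSTS: expected max-age>=31536000; includeSubDomains; preload")

    # 3. Frame embedding denied, MIME sniffing disabled, referrer reduced to origin.
    if h.get("x-frame-options", "").upper() != "DENY":
        findings.append("X-Frame-Options: expected DENY")
    if h.get("x-content-type-options", "").lower() != "nosniff":
        findings.append("X-Content-Type-Options: expected nosniff")
    if h.get("referrer-policy", "").lower() not in {"no-referrer", "strict-origin", "origin"}:
        findings.append("Referrer-Policy: expected a value that sends at most the origin")
    return findings

# Constructed samples: one response meeting the policy, one with common weak settings.
HARDENED = {
    "Content-Security-Policy": "default-src 'self'; script-src 'self'; object-src 'none'",
    "Strict-Transport-Security": "max-age=63072000; includeSubDomains; preload",
    "X-Frame-Options": "DENY",
    "X-Content-Type-Options": "nosniff",
    "Referrer-Policy": "strict-origin",
}
WEAK = {
    "Content-Security-Policy": "script-src 'self' 'unsafe-inline' https://cdn.example",
    "Strict-Transport-Security": "max-age=300",
    "X-Frame-Options": "SAMEORIGIN",
    "Referrer-Policy": "unsafe-url",
}
```

Running `audit_headers(WEAK)` yields one finding per bullet (five in total, including the absent `X-Content-Type-Options`), while `audit_headers(HARDENED)` returns an empty list.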
Found something? Tell us.
We acknowledge responsible disclosures and we remediate before we talk.