What an honest AI security page looks like

Most security pages from small AI firms are written to survive a skim, not a question. Badge-shaped graphics, "military-grade encryption," "fully compliant," and not one sentence a buyer could actually check. Ours takes the opposite approach, starting with what we are not certified in. This post explains the reasoning, and doubles as a checklist for evaluating anyone else's security story.

The cheap-claim problem

"SOC 2 certified" is the most common security claim in B2B and one of the easiest to fake on a website, because almost nobody asks for the report. Then enterprise procurement does ask, and a claim without a report is instantly fatal, both to the deal and to every other statement on the site. The same goes for "military-grade encryption," which specifies nothing, and blanket "GDPR compliant" statements, which no services firm can honestly make on a client's behalf.

Look at how the most scrutinized AI companies handle this instead. The trust centers that Anthropic and OpenAI publish are lists of short, falsifiable statements with documents behind them. The tone is declarative and boring. That is the register a security page should be written in, and it is available to a firm of any size, because honesty does not require an auditor.

What a firm our size can say honestly

We are not SOC 2 attested. We are not ISO 27001 certified. Publishing that costs us the buyers who filter on badges alone, and it buys something more valuable: every remaining claim on the page becomes credible, because we have demonstrated we will not inflate.

What we can claim honestly are practices, with precise wording. Controls aligned with SOC 2 trust services criteria is a different statement from "SOC 2 certified," and the difference is the whole game. Systems built against the OWASP Top 10 for LLM Applications (OWASP, 2025) is a practice claim a buyer can interrogate in a technical call. Risk management informed by NIST's AI Risk Management Framework (NIST, voluntary by design) is the same kind of claim. The test for every line is simple: could a motivated buyer verify or falsify it? If not, it should not be on the page.

The strongest claim is architectural

The single strongest security statement a consultancy can make has nothing to do with certificates: we deploy inside your cloud, so your data never leaves infrastructure you already control. That shifts the trust question away from our company and onto your own environment, where your existing security review already applies. For a services firm that builds systems rather than hosting your data in its own product, this is the honest center of the security story.

The same principle runs through our own architecture. Authentication lives in one database. Each client's data lives in its own fully isolated instance. Our internal knowledge vault runs on a third, separate instance that never touches client data. Isolation is a structural guarantee, not a policy promise.

Claims you can verify without trusting us

The model providers underneath every AI system publish their own commitments, which means some guarantees are inherited and independently checkable. Commercial API tiers from both Anthropic and OpenAI do not use customer inputs and outputs for model training by default, and zero-data-retention arrangements exist for workloads that need them. You do not have to take any vendor's word for this, ours included: the terms are published at trust.anthropic.com and trust.openai.com. An honest security page links you there instead of paraphrasing.

OWASP as an engineering checklist

The OWASP Top 10 for LLM Applications (OWASP, 2025) is the closest thing the industry has to a shared definition of "we thought about AI security."

10

The useful move is treating it as an engineering checklist rather than a logo. Prompt injection defense means layered controls, input validation, context isolation and least-privilege tool access, because no single fix exists. Sensitive information disclosure means redacting personal data before it ever reaches a model API. Excessive agency, the risk of an AI system empowered to act beyond its mandate, is mitigated by the human approval gates we already build into every pipeline for reliability reasons. Security and reliability engineering converge on the same architecture.

The Canadian part

For Canadian firms the regulatory picture is concrete. There is no federal AI statute in force today: AIDA, the proposed AI and Data Act, died with the prorogation of Parliament in January 2025. PIPEDA applies right now to personal information moving through AI systems. Quebec's Law 25 has the sharpest teeth, including transparency obligations for automated decisions and breach notification to the regulator within 72 hours (Law 25, Quebec). The honest formulation, and the one we use, is "designed to support your compliance with PIPEDA and Law 25," never "compliant" as a blanket adjective. Canadian data residency is also a real, checkable option, with Canadian-region deployments available from the major cloud providers.

The three questions underneath it all

Every security questionnaire reduces to three questions. Do you take security seriously? Can you demonstrate it concretely? Are you moving toward formal attestation? A page of specific, verifiable, modestly-worded claims answers all three. A wall of badges answers none of them, and sophisticated buyers know which firms tend to hide behind which.

Read our security page with this checklist in hand, then read your other vendors' pages the same way. The insights are free. If you want help building systems your lawyer and your CISO can both sign off on, start with the free audit.