Security and compliance posture

Customer-Boundary Security by Design

Every Meshesha Solutions product is designed so that your prompts, API keys, audit logs, and model traffic never leave your infrastructure. We ship artifacts — you operate them.

The boundary model

Your tenant. Your data. Your control.

Meso-AI-Gateway runs inside your Google Cloud environment. Meshesha has no runtime access to your cluster, your traffic, or your data unless you explicitly grant it.

What stays in your tenant

  • Prompts and model inputs
  • API keys and credentials
  • Audit logs and usage telemetry
  • Model traffic and responses
  • Identity and access records

What Meshesha delivers

  • Helm chart and container images
  • Configuration documentation
  • Deployment runbooks
  • Security boundary descriptions
  • Update paths and change logs

Your infrastructure controls

  • You operate the GKE cluster
  • You configure network policies
  • You manage workload identity
  • You define rate limits and guardrails
  • You own the audit log destination

Engineering practices

How we build and deliver

Compliance-oriented engineering

  • NIST SP 800-171 aligned access control and logging patterns
  • CMMC-oriented engineering practices built into the architecture
  • Least-privilege IAM guidance included in deployment documentation
  • We state what is aligned — we do not claim certification we have not completed

Secure delivery practices

  • Dependency review on all shipped artifacts
  • Container hardening documentation
  • Documented update and rollback paths
  • Security issues acknowledged within 48 hours at contact@meshesha.solutions

Responsible AI posture

  • Model-neutral policy enforcement infrastructure — no model endorsement
  • PII detection and prompt-injection guardrail hooks configurable by the customer
  • Identity-aware usage tracking for accountability without centralized data collection
  • Audit logs structured for downstream compliance workflows

What we do not claim

  • We do not assert or certify your compliance posture — that is the role of your own assessor
  • We do not operate shared multi-tenant infrastructure that handles your prompts or API keys
  • We do not claim FedRAMP, StateRAMP, ISO 27001, or SOC 2 certifications we have not completed

See how the boundary model works in practice

Meso-AI-Gateway implements this security posture as a Kubernetes-native product — deployed in your GKE cluster, operated under your controls.