SECURITY

Mission-grade security, built into the platform.

LTL.ai operates real spacecraft. The security posture has to match. FedRAMP-aligned hosting, FIPS-validated crypto, signed command chains, sovereign deployment options, and a security team that publishes its work.

Request SOC 2 Report Vulnerability Disclosure

CERTIFICATIONS & COMPLIANCE

What we hold today.

CLOUD

FedRAMP

Moderate authorization; High in progress.

CRYPTO

FIPS 140-2

Validated modules across all command paths.

CONTROLS

SOC 2

Type II report available under NDA.

ISO

27001

Certified; scope covers all production services.

HOW WE SECURE COMMANDS

A signed, audited path from intent to uplink.

SIGNED COMMANDS

Every command is signed end-to-end by hardware-backed keys. Spacecraft verify before execution where the bus supports it.

POLICY GATES

Mission constraints are policy-as-code. Every command passes through the gates you wrote, every time.

DUAL CONTROL

Configurable two-person approval on high-impact commands. Approvers can't be the requestor.

IMMUTABLE AUDIT

Every action — plan, sim, approval, uplink — is written to a tamper-evident log. Exportable on demand.

RBAC PER COMMAND

Role-based access at the individual command level. Hardware keys required for production-impacting actions.

SOVEREIGN OPTIONS

Single-tenant, sovereign-region, or air-gapped deployment for the highest-assurance customers.

RESPONSIBLE DISCLOSURE

If you've found a vulnerability, we want to hear from you.

Email justin@pondata.com. Encrypted submissions accepted — PGP fingerprint B7C2 4F9E 81D5 6A33 EF12 9C40 7AA1 3B6D 1E58 0042. We acknowledge within 24 hours and post-mortem within 30 days. Safe-harbor terms documented in our policy.

Walk the security posture with our team.

Architecture review, control mapping, evidence package — happy to go deep.

Schedule a Security Review

× Hi — I'm Atlas. Ask me anything about LTL.ai.