Protected portfolio records
Controls include encryption at rest, TLS in transit, tenant-aware access policies, data-retention settings, and consent-based ingestion.
Trust Posture
Security and AI governance are part of the product, not an afterthought.
Portfolio data is sensitive. Stat Edge Capital is designing the platform around data minimization, encryption, permission boundaries, model evaluation, and documented human review.
Traceable model output
AI responses are designed to include source references, scenario assumptions, confidence notes, reviewer identity, and timestamps.
Auditable releases
Production processes include environment separation, deployment logs, monitoring alerts, vulnerability scanning, and incident playbooks.
Control Matrix
Security controls for secure product operation.
| Control area | Implementation approach |
|---|---|
| Identity and access | Role-based access, least privilege, MFA, tenant-scoped workspace permissions. |
| Encryption | Managed encryption keys, encrypted databases, encrypted object storage, TLS-only access. |
| Model governance | Prompt versioning, evaluation datasets, output review logs, restricted financial claims. |
| Data lifecycle | Retention rules, deletion workflows, import consent, no training on customer data by default. |
| Monitoring | Observability dashboards, audit logs, error budgets, alert routing, uptime checks. |
| Financial compliance | Analytics-only positioning, user review requirements, disclaimers, export audit history. |
AI Boundaries
Model output is assistive and reviewable.
Stat Edge Capital is not building a black-box trading signal. The product treats AI as an explanation, prioritization, and research assistant around portfolio data. Decisions remain with the user.
No autonomous trading or order execution
No personalized investment advice from public demo content
Human review required before client-facing report delivery
Calculation inputs and scenario assumptions preserved with each output
Customer data excluded from model training unless a future opt-in contract allows it