Hawkeye Security & AI Policy

Welcome to Hawkeye’s security and AI policies which is designed to ensure your data remains secure and your systems stay protected.

At Neubird, we prioritize a security-first approach and ethical AI practices, combining cutting-edge technology with thoughtful design principles.

This document outlines how we safeguard your environment through advanced security features like ephemeral data processing, read-only access, and compliance-ready architecture.

Additionally, you’ll discover our AI philosophy, emphasizing transparency, explainability, and human oversight to ensure Hawkeye works as a reliable assistant in your IT operations.

Our Security Commitment

At Neubird, your security is our top priority. Hawkeye is designed to be the most secure GenAI Powered SRE, built from the ground up with security-first principles. These are the foundational tenets that guide our security design:

Zero Data Storage

Hawkeye operates as an ephemeral platform, processing telemetry data in real-time without storing any historical information. Information is isolated in memory while in use for an investigation. Once an analysis session ends, all telemetry data is automatically purged from memory.

Read-Only Access

All connections to your infrastructure utilize strictly read-only permissions, making it technically impossible for Hawkeye to modify your systems or data. This architectural decision ensures operational safety while enabling comprehensive analysis.

Principle of Least Privilege

Each connection is scoped to the minimal set of resources required for Hawkeye to perform its analysis. We provide detailed documentation of required permissions for each integration type, ensuring complete transparency.

Temporary Credentials

We exclusively use short-lived security credentials through services like AWS Security Token Service (STS) for cloud access. No long-term credentials are ever stored in our system, significantly reducing security risks.

Customer-Controlled Access

You maintain complete control over permissions and access. Each integration uses customer-specific external IDs and custom trust policies that you configure, and you can revoke access instantly at any time.

Secure Authentication

We implement industry best practices for authentication across all supported platforms:

• AWS: IAM roles with external IDs and custom trust policies
• Azure: Registered applications with explicit permission boundaries
• Third-party tools: API keys with defined scope and regular rotation

Compliance-Ready Architecture

Our security architecture aligns with major compliance frameworks and cloud provider best practices, making it easier to maintain your compliance requirements while leveraging Hawkeye’s capabilities.

AI Policy

At Neubird, we believe in harnessing the power of artificial intelligence to transform IT operations while maintaining the highest standards of security, privacy, and ethical responsibility.

Our AI-powered SRE, Hawkeye, represents our commitment to developing and deploying AI systems that are secure, transparent, and aligned with our customers’ best interests.

No LLM Training!

Your data is never used to train our models or shared with external LLM providers. In fact your data is not sent to the LLM, only metadata is sent. The LLMs are used as a thinking guide to the Hawkeye engine which does the actual data manipulation in an isolated memory space.

Explainability

All recommendations include clear rationale and supporting evidence.

Human oversight

Critical decisions remain under human control, with AI serving as an intelligent assistant providing root cause analysis and recommended actions

Continuous monitoring

We actively track and validate AI system performance and decision quality, learning and improving the investigation plans

Transparency in updates

Clear communication about AI capability changes, detailed release notes for system updates, and regular security and performance audits

Neubird commits to maintaining the highest standards of AI safety, security, and responsibility. We continuously evaluate and improve our AI systems to ensure they serve our customers’ needs while protecting their interests.

Our goal is to create an environment where human expertise and AI capabilities work in harmony to transform IT operations.