NemoRouter is the gateway for every prompt, every key, and every dollar of spend. We built it the way auditors expect — encryption, RLS, virtual keys, guardrails, and an audit trail that never goes silent.
Architectural invariants
Backed by managed Cloud Run + Supabase
At rest + TLS 1.2+ in transit
Every Nemo table, no exceptions
LLM traffic uses virtual keys only
Built on the controls security teams already audit for
Every request flows through Nemo Backend before it touches a provider. Auth checks, RLS scope, credit reservation, and guardrails all live on the same hop — there is no shortcut path for the frontend to call an LLM directly.
Request flow
Client / SDK
Bearer sk-nemo-…
Only virtual keys leave the client; master keys never ship.
Frontend (Next.js)
:3001 — Cloud Run
Server actions add auth + RLS scope before forwarding.
Nemo Backend
:8090 — FastAPI
Auth, credit reserve, guardrails, observability — in path.
Nemo Intelligent Proxy Router
In-process ASGI
Cost tracking, rate limits, provider fallback chains.
Provider
Vertex / Anthropic / OpenAI
Outbound traffic only; no inbound provider calls.
The in-process Nemo Intelligent Proxy Router ASGI app runs in-process inside Nemo Backend — no separate :4000 service to harden, no extra network hop to attack.
Every NemoRouter customer gets the full security posture from day one. No “Enterprise tier” for SSO, audit logs, or guardrails — these are not features we sell, they are guarantees we ship.
TLS 1.2+ on every public endpoint with HSTS preload, AES-256 for data at rest. API keys are hashed on creation; the full plaintext is shown once and never stored anywhere.
Every Nemo table has Row-Level Security enabled. Cross-tenant reads or writes are impossible at the database layer — not "discouraged," denied. Service role bypasses RLS only inside server-side API routes.
Customer LLM traffic only ever uses virtual keys (sk-nemo-…). Master keys are reserved for internal management CRUD — never exposed to the dashboard, the playground, or your code.
Frontend never talks to the routing engine directly. Every request flows Frontend → Nemo Backend → in-process Nemo Intelligent Proxy Router, with auth, RLS scoping, guardrails, and credit reserve+settle on every hop.
Every prompt and response runs through built-in guardrails. PII redaction, prompt injection detection, secret scanning, abuse blocking, response scanning — included on every plan from day one.
Every administrative action, key change, guardrail trigger, and budget event is logged with the actor, source IP, payload diff, and timestamp. Exportable for compliance reviews.
Multi-tenancy is enforced at the database, not the application layer. The application can have bugs; the database refuses to return rows from the wrong tenant.
Tenant isolation
organization_id is the same value in your Bearer key, in the Frontend session, in Nemo Backend, in the in-process Nemo Intelligent Proxy Router admin schema, and in every nemo.* table. There is no mapping table to drift, no sync layer to compromise.
RLS policy spot-check
Every LLM request reserves credits before forwarding and settles after the cost header arrives. Failures release the reservation. There is no path to a negative balance because the database refuses to write one.
Reserve + settle
The credit ledger uses Postgres advisory locks for atomic increment/decrement. Concurrent writes serialize at the row level. Webhooks are idempotent on Stripe event id. Reservations expire automatically if a request never settles.
Money-safety invariants
Engineering principle
Built audit-ready from day one — not retrofitted before a procurement call.
RLS, virtual keys, master-key isolation, reserve+settle credit safety, and the audit trail are non-negotiable invariants in our codebase — enforced by tests that block merges, not by promises on sales calls.
We state status precisely — achieved, in progress, or available on request. A formal SOC 2 Type II audit is underway; we will not call it certified until the report is signed.
NemoRouter operates SOC 2-aligned security, availability, and confidentiality controls today — encryption, access control, change management, audit logging, tenant isolation. A formal SOC 2 Type II observation period is underway; the audited report is targeted for Q3 2026. Our infrastructure substrate (Google Cloud Run, Supabase) is already SOC 2 Type II certified.
Controls walkthroughInformation security management practices aligned to ISO/IEC 27001 Annex A controls — asset management, access control, cryptography, operations security, supplier relationships. A formal ISO 27001 certification is on the roadmap; the infrastructure substrate (Cloud Run, Supabase) is independently ISO 27001 certified.
Controls walkthroughCompliant with the EU General Data Protection Regulation. Data Processing Addendum available for signature, EU Standard Contractual Clauses with subprocessors, data-subject access and erasure tooling built into the dashboard, and EU data residency available on Enterprise.
Read the DPANemoRouter supports HIPAA-eligible workloads. A Business Associate Agreement (BAA) is available for healthcare customers processing protected health information — request one through the Enterprise team. PII redaction guardrails run on every request at no extra cost.
Request a BAANemoRouter never touches raw cardholder data. All payments are processed by Stripe, a PCI DSS Level 1 certified service provider; card numbers are tokenized client-side and never reach our servers or database. Your PCI scope for using NemoRouter is therefore minimal.
How payments workPin where customer data is processed and stored. US is the default footprint; EU residency is generally available on Enterprise, with UK, Canada, Australia, Singapore, and India available on request for residency-sensitive workloads.
Residency mapFor the DPA, SLA, AUP, and subprocessor list, see the trust center. Procurement can request a controls walkthrough or a completed vendor security questionnaire from security@nemorouter.ai.
If you discover a security issue, please report it responsibly. We acknowledge within 48 hours, target 7 days for critical fixes, and follow coordinated disclosure.
security@nemorouter.ai
PGP key on request. Acknowledged within 48 hours.
Phone
+1 (850) 988-7471
Critical-only line. Voicemail forwarded to on-call.
CloudAct Inc.
100 S Murphy Ave
STE 200 PMB4013
Sunnyvale, CA 94086
United States
Customer data lives in managed Postgres with at-rest encryption, replicated within a single region. United States is the default footprint. EU residency is generally available on Enterprise; the UK, Canada, Australia, Singapore, and India are available on request — covering GDPR data-locality requirements and the residency expectations of the EU AI Act.
Default US runs on us-central1; EU on europe-west4 with Supabase Postgres co-located and subprocessors signed under EU SCCs. Need a region pinned? sales@nemorouter.ai.
Sessions are managed by Supabase Auth. Idle timeout is enforced from the dashboard, refresh tokens rotate transparently, and users can revoke active devices from their account page.
Security review · 30 minutes
No NDAs to start, no sales gate. Bring your auditor — they will get the same answers we give the engineering team.