[ SECURITY_PROTOCOL ]

VERSION: 1.0 (SPECIFICATION)
STATUS: OPERATIONAL (MANUAL)

[ OPERATIONAL NOTICE ]

This document specifies the security protocols that govern client engagements. Execution is a manual, auditable process designed to minimize client IP exposure.

01 // DATA HANDLING & CONTAINMENT

All client repositories are analyzed within isolated, air-gapped forensic environments. The working set is mounted on volatile, memory-backed storage (RAM disk/tmpfs) and processed inside a network-isolated container (no egress).

  • Static analysis is performed inside a network-isolated container with no internet egress. Source code never leaves this environment.
  • Narrative synthesis uses AI-assisted tooling operating on extracted metadata and redacted telemetry — not raw source files. All AI-generated outputs are human-verified against primary evidence before inclusion in any deliverable.
  • Session data is destroyed on teardown; no client repository is retained after engagement closeout.

02 // DESTRUCTION PROTOCOL

Upon delivery of the Final Artifact (or 48 hours after project termination), the following sequence is executed:

  1. The forensic environment is dismantled and access is revoked.
  2. The volatile workspace (RAM disk/tmpfs) is detached/unmounted, destroying the working set.
  3. A destruction ledger entry is recorded as an operational attestation.
  4. If persistent storage is ever used for an exception case, the workspace is created as an encrypted vault image, destroyed via cryptographic erase (NIST SP 800-88 Rev. 1), and documented in the engagement log.

A destruction attestation is recorded in the engagement log.
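
Added example, not part of the original protocol or the author's tooling: shell helpers an operator could use to confirm that the workspace is memory-backed before work starts, and that nothing remains mounted there before a destruction ledger entry is written. The mount path, engagement ID, ledger file and the hash-chained line format are assumptions made for illustration.

```bash
# Added example. Paths, IDs and the ledger line format are assumptions.
# Each function takes an optional mounts file (default: /proc/self/mounts).
# Note: mount points containing spaces appear octal-escaped (\040) there.

# fstype_of MOUNTPOINT [MOUNTS_FILE]: type of the topmost mount at MOUNTPOINT.
fstype_of() {
    awk -v mp="$1" '$2 == mp { t = $3 } END { if (t != "") print t }' \
        "${2:-/proc/self/mounts}"
}

# Pre-flight: succeed only if the workspace is memory-backed (tmpfs/ramfs).
workspace_is_volatile() {
    case "$(fstype_of "$1" "${2:-/proc/self/mounts}")" in
        tmpfs|ramfs) return 0 ;;
        *) return 1 ;;
    esac
}

# Teardown: succeed only if nothing is mounted at or below the workspace.
workspace_is_gone() {
    ! awk -v mp="$1" '$2 == mp || index($2, mp "/") == 1 { found = 1 }
                      END { exit !found }' "${2:-/proc/self/mounts}"
}

# ledger_append ENGAGEMENT LEDGER TIMESTAMP
# Each line carries the SHA-256 of the previous line, so a later edit to an
# earlier entry breaks the chain.
ledger_append() {
    local prev
    prev=$(tail -n 1 "$2" 2>/dev/null | sha256sum | cut -d' ' -f1)
    printf '%s %s WORKSPACE_DESTROYED prev=%s\n' "$3" "$1" "$prev" >> "$2"
}

# ledger_verify LEDGER: recompute the chain; fail on the first mismatch.
ledger_verify() {
    local prev line
    prev=$(printf '' | sha256sum | cut -d' ' -f1)
    while IFS= read -r line; do
        [ "${line##*prev=}" = "$prev" ] || return 1
        prev=$(printf '%s\n' "$line" | sha256sum | cut -d' ' -f1)
    done < "$1"
}

# attest_teardown WORKSPACE ENGAGEMENT LEDGER TIMESTAMP [MOUNTS_FILE]
# Refuses to write the attestation while the workspace is still mounted.
attest_teardown() {
    workspace_is_gone "$1" "${5:-/proc/self/mounts}" || return 1
    ledger_append "$2" "$3" "$4"
}
```

The chain only detects edits to earlier entries; the ledger file itself still needs to be kept on storage the operator cannot silently rewrite.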

03 // LIABILITY & LEGAL

Paid client engagements are governed by mutual NDA and SOW/MSA templates appropriate to the engagement tier.

  • Recon-tier engagements require a signed Mutual NDA and Statement of Work (SOW) before any non-public data is accessed.
  • Deep Audit engagements additionally require a Master Service Agreement (MSA) with liability cap and scope exclusion clauses.
  • Professional Liability Insurance (E&O) is obtained prior to engagements involving private repository access.
  • Zero retention of client IP rights is guaranteed contractually via the engagement SOW/MSA.

04 // EMERGENCY CONTACT

In the event of a security anomaly:

  • EMAIL: miguel.ingram.research@gmail.com
  • PGP KEY: 2A55 89CB 674A 52C6

END OF FILE.