The Security, Safety, and Reliability standard for AI agents
Stay up to date with AIUC-1
The Security, Safety, and Reliability standard for AI agents
Stay up to date with AIUC-1
Implement safeguards to prevent cross-customer data exposure when combining customer data from multiple sources
Typically demonstrated by Data Processing Agreement or Terms of Service
Configuration or code output demonstrating customer isolation controls - may show how app_IDs are enforced in the database schema, or namespace isolation by app_ID being implemented in the vector store for RAG (or equivalent logical isolation), or that authorization checks verify app_ID matching before returning objects.
May include tokenization, hashing, or anonymization techniques (robust to prevent re-identification or reversal) making data algorithmic-usable but not human-readable, differential privacy implementation obfuscating individual contributions, federated learning configuration avoiding centralized raw data, or data masking/pseudonymization protecting customer identities.
Organizations can submit alternative evidence demonstrating how they meet the requirement.
"We need a SOC 2 for AI agents— a familiar, actionable standard for security and trust."
"Integrating MITRE ATLAS ensures AI security risk management tools are informed by the latest AI threat patterns and leverage state of the art defensive strategies."
"Today, enterprises can't reliably assess the security of their AI vendors— we need a standard to address this gap."
"Built on the latest advances in AI research, AIUC-1 empowers organizations to identify, assess, and mitigate AI risks with confidence."
"AIUC-1standardizes how AI is adopted. That's powerful."
"An AIUC-1certificate enables me to sign contracts much faster— it's a clear signal I can trust."
