What Veil Firewall stores, blocks, and retains.
Veil Firewall is designed to minimize exposure while still creating the audit evidence teams need for agent security reviews.
Encrypted raw payloads
Raw request and response payloads are stored encrypted at the application layer so incident responders can reconstruct what happened when needed.
Queryable normalized views
Normalized and redacted copies of traffic are stored alongside encrypted raw payloads so dashboards and policy analytics work without exposing originals.
Tenant separation
API keys are scoped to a tenant slug, and dashboard endpoints only return audit data for the authenticated tenant.
Operational notes
- Tool traffic may contain customer data, secrets, or internal prompts. Treat firewall logs accordingly.
- Webhook notifications are signed with a tenant-specific secret and only fire on deny and review events.
- You remain responsible for your own retention policy, access controls, and legal compliance program.