Explore our security practices, compliance certifications, and data protection measures. We believe transparency is the foundation of trust.
Frugal reads your source code to attribute cloud costs to the code that drives them. Here's how we protect it.
You choose which repositories to connect. Frugal only accesses what you explicitly grant, using read-only credentials or short-lived installation tokens. Repositories are cloned over HTTPS (TLS 1.2+). Frugal cannot push code, merge pull requests, modify branches, or change repository settings.
A deterministic (non-AI) task clones the repository into an isolated container with its own dedicated encrypted volume. Each clone gets its own volume — no shared storage between tasks or tenants. All volumes are encrypted at rest (AES-256).
Your source code is never stored in Frugal's database — only structured analysis results are persisted. Cloned repositories are automatically deleted 72 hours after creation, and may be deleted sooner through normal operations. All customer data lives within a dedicated namespace that can be fully destroyed on request, removing all source code, credentials, and results in a single operation.
Your source code is processed by two types of Frugal tasks: deterministic analysis tasks and AI-assisted analysis tasks. Both run in isolated containers that are non-root, unprivileged, and destroyed after task completion. All Frugal code is developed under our SDLC with risk-based review and approval controls — including peer review, automated analysis, and security scanning — and CI checks.
There are additional controls for AI tasks. AI tasks run in a separate container and receive a read-only mount of the cloned repository. AI containers never receive your credentials — your tokens and keys are used by the orchestration layer only. AI containers cannot reach the internet directly — outbound traffic is restricted to a domain allowlist of required endpoints only. All other traffic is blocked.
Source code is sent to the AI model for analysis under a zero-retention agreement. The model provider may not train on your content, does not have access to prompts or outputs, and disclaims any rights to your content.
Your source code is stored on encrypted volumes inside a private cluster with no public endpoints. Direct access to the production cluster is limited to designated engineers with a specific operational need; all infrastructure changes go through peer-reviewed Infrastructure as Code with short-lived federated credentials. There is no ad-hoc path to access, copy, or extract data from the volumes holding your source code outside of the application's controlled processing pipeline.
At the application layer, Frugal employees may access your tenant via approved Forward Deployed Engineer accounts or time-limited, audited support impersonation sessions — but neither provides a direct path to cloned source code on disk.
Every customer gets a fully isolated environment — separated at every layer of the stack.
Your workloads run in a separate namespace with dedicated resource quotas.
Default-deny network policies block all cross-tenant traffic.
Your data lives in its own database instance with dedicated credentials.
Your connector secrets are scoped and separated from other tenants.
Each tenant has its own service accounts and IAM bindings.
Default-deny access control checked on every request before business logic executes.
Our platform is architected around five non-negotiable security principles.
Each customer is a separate tenant with isolation enforced across the application, storage, and network layers.
Least-privilege access to your source code, cloud billing, and observability data. We publish scripts to make provisioning explicit and auditable.
AI agents run in isolated containers without your credentials. We fetch data using deterministic code first, then hand only the results to AI for analysis.
No automated changes to your systems. Frugal Fixes require your review and are applied via PR using your own GitHub/GitLab identity.
SSO and identity federation are delegated to a specialist identity provider. No Frugal-managed passwords or user credential storage.
Formal policies, continuous compliance, and a security-aware culture across the company.
Risk-based review and approval controls on all changes — including peer review, automated analysis, and security scanning — with branch protection enforced on production repositories. Static analysis and dependency scanning on code and container images. CI/CD authenticates via short-lived federated credentials — no long-lived keys. Application containers run non-root with privilege escalation disabled.
Structured logging with allowlist-based secret masking — sensitive values are never logged. Severity-based incident classification with defined resolution targets. Emergency response team mobilised for major incidents. Post-incident reviews with root cause analysis for significant events.
Quarterly risk assessments evaluating likelihood and impact. Tracked risk register with treatment plans for Medium-rated risks and above. All third-party vendors assessed before onboarding.
SOC 2 Type II attestation (Security, Availability, Confidentiality) with unqualified opinion. Continuous compliance automation and centralized oversight. All policies reviewed at least annually.
Formal DR and BCP plans tested and reviewed at least annually. Defined recovery time and recovery point objectives. Stateless application architecture with automatic infrastructure scaling and node replacement.
Company-issued devices with endpoint protection, disk encryption, and screen lock enforced. Mandatory security awareness training for all employees.
Access our compliance documentation and engage our security team directly.
Independently audited (Jul–Sep 2025). Covers Security, Availability, and Confidentiality. Unqualified opinion, no exceptions. Available on request under NDA.
Customer Trust Center →We complete SIG, CAIQ, and custom security questionnaires. Architecture review calls available with your infosec team on request.
Get in touch →Frugal engages an external penetration tester on a regular basis. Results are available to customers and prospects on request under NDA.
Customer Trust Center →If you believe you've found a security vulnerability in Frugal, we want to hear from you. Our disclosure policy outlines how to report responsibly and what to expect.
View policy →Our team is available for security architecture reviews, questionnaire completion, and compliance discussions.
infosec@frugal.co