Security is the architecture, not a feature
Every design decision in CitrusGlaze starts with the threat model. 17 Rust crates, 560+ tests, and a 9-stage inspection pipeline. The scanner is open source — audit the detection patterns yourself. Coverage informed by the MITRE ATLAS AI threat landscape.
Threat model
Each threat maps to implementing code. Click the defense to view the source.
Threat categories informed by the MITRE ATLAS framework for AI systems.
| ID | Threat | Defense |
|---|---|---|
| T1 | Data Exfiltration / Insider Threat | citrusglaze-secrets + honey tokens |
| T2 | Supply Chain | destination allowlist + Sigstore attestation |
| T3 | Destructive Ops | Cedar policies + injection detection |
| T4 | Lateral Movement | destination allowlist + metadata endpoint deny |
| T7 | Denial of Service | Rate limiting + cost caps |
| T8 | Loop Attack | loop_detection.rs — 5 in 60s threshold |
Testing
Tests across 17 crates
Unit tests, integration tests, and end-to-end tests covering the full inspection pipeline.
Adversarial bypass tests
Base64 encoding, URL encoding, hex encoding, ROT13, Unicode confusable characters — all tested.
AI tool compatibility
End-to-end compatibility tests for Claude Code, Cursor, Copilot, ChatGPT, and more.
Continuous integration
GitHub Actions CI runs on every commit across macOS and Linux. Clippy warnings treated as errors.
Transparency
Scanner is MIT licensed
Audit the scanner's 349+ detection patterns. No obfuscation, no hidden calls.
Local-first AI inspection
AI traffic is inspected locally. Product analytics and error reporting can be disabled in Settings.
SQLite local storage
All inspection events stored locally as structured JSON. Your audit logs stay on your infrastructure — ready for SIEM ingestion or compliance review.
Scanner source on GitHub
Where CitrusGlaze fits in the security stack
SSE platforms route traffic through their cloud for inspection. CitrusGlaze inspects locally — no cloud routing required.
What we don't have (yet)
We believe transparency builds trust. Here's where we are today.
No SOC 2 Type II certification
On our roadmap. Our scanner is open source (MIT) and available for your security team to audit directly.
No FedRAMP authorization
Not applicable to our current deployment model. AI inspection is local; Pro/Enterprise cloud sync is optional.
No 24/7 support team
Direct engineering support with response within 24 hours. You talk to the people who built the product.
No SLA guarantees
We're early-stage. Our uptime record is excellent but we don't offer contractual SLAs yet.
We're early-stage and transparent about it. Our code is the proof.
Responsible disclosure
Found a security issue? We take vulnerability reports seriously. Please contact us directly.
[email protected]Ready to evaluate CitrusGlaze?
Start with the free scanner, or talk to us about your security requirements.