Skip to main content
Welcome to NOFire AI’s Security and AI Policy Documentation. Our commitment is to ensure your data remains secure and your systems robustly protected. At NOFire AI, we embrace a security-first approach combined with ethical AI practices. Leveraging cutting-edge technology and innovative design principles, we are dedicated to maintaining the highest standards of data integrity and operational reliability. This document outlines our comprehensive security measures, including advanced techniques such as ephemeral data processing, strict read-only access protocols, and a compliance-ready architecture designed to meet evolving industry standards. Additionally, our AI philosophy champions transparency, explainability, and human oversight - ensuring NOFire AI remains a trusted and reliable partner for your SRE and on-call engineers.

Security Commitment

At NOFire AI, your security is our highest priority. Our platform is engineered as the most secure GenAI-powered SRE, built from the ground up with uncompromising security-first principles. Below are the core tenets that form the foundation of our security design:
NOFire AI operates as an ephemeral platform that processes telemetry data in real time without retaining any historical records. All information is securely isolated in memory solely during active investigations and is automatically purged once an analysis session concludes.
Every connection to your infrastructure is established with strictly read-only permissions, ensuring that NOFire AI cannot modify your systems or data. This design guarantees operational safety while still enabling comprehensive analysis.
We adhere to the principle of least privilege by limiting each connection to the minimal set of resources required for effective analysis. Detailed documentation of the necessary permissions for each integration is provided, ensuring complete transparency.
NOFire AI exclusively utilizes short-lived security credentials - such as those provided by AWS Security Token Service (STS) - for cloud access. By avoiding the storage of long-term credentials, we significantly reduce security risks.
You retain full control over permissions and access. Each integration employs customer-specific external IDs and custom trust policies, enabling you to instantly revoke access as needed.We implement industry-leading authentication practices across all supported platforms:
  • AWS: Leveraging IAM roles with external IDs and custom trust policies
  • Third-Party Tools: Employing API tokens with defined scopes and regular rotations

AI Policy

At NOFire AI, we harness the power of artificial intelligence to improve incident resolution and response while upholding the highest standards of security, privacy, and ethical responsibility. Our AI Agentic Incident Response Team is committed to developing and deploying AI systems that are secure, transparent, and aligned with our customers’ best interests.
Safe data

Your data is never used for training or shared with external LLM providers. Instead, only metadata is sent, while your actual data remains securely isolated. The LLMs serve as cognitive assistants to the NOFire AI engine, which performs all data manipulation within memory space.
Data Scrubbing

We remove PII and sensitive information before any processing.
Bring Your Own LLM

We support different LLMs and versions (Anthropic, OpenAI, MistralAI, DeepSeek) even self-hosted with VPC PrivateLinks.

Data Privacy

Your data may be used for in-context learning to improve your team’s experience with NOFire AI. We never use customer data to train our AI/ML models or enhance services for other customers. Customer data is strictly isolated and only used to benefit your organization, maintaining complete privacy and separation at all times.