Safe Data Intake
Start with structure, not secrets.
The first conversation should never require production credentials, raw regulated dumps or invasive access. BOUNDA starts from scope and safe exports.
No secrets
No credentials, API keys, private tokens or .env files in public forms.
Read-only first
Decision logs and exports before integrations or runtime access.
Anonymized accepted
Structure and joinability matter more than raw personal data in scoping.
NDA / DPA path
Regulated clients can start with NDA/DPA before sensitive evidence exchange.
Retention choice
Define deletion and retention before a First Evidence Close.
Claim policy
The files you provide determine what BOUNDA can and cannot say.
Receipt examples
Each surface has a different evidence list.
| Surface | Useful receipts |
|---|---|
| Payments | decision logs, PSP objects, webhooks, fees, settlements, reconciliation |
| AI Agents | agent decisions, tool traces, token usage, memory writes, DB mutations |
| Cloud / IAM | deny logs, IAM export, signed URL inventory, storage inventory, access logs |
| OT | historian export, SCADA/DCS command logs, PLC logs, sensor freshness, overrides |
Bring the shape of the proof first.
We will ask for the minimal safe evidence needed to qualify the boundary and recommend the next step.
Start Boundary Check →