Security Model & Hardening

v0.81.2

Security principles, hardening checklist, and threat model.

Core Security Principles

  • Outbound-only — Agents never listen for inbound connections
  • Zero data exfiltration — No telemetry sent anywhere
  • Least privilege — Minimal permissions on server and agents
  • Immutable tokens — Enrollment tokens are revocable and time-limited

Authentication & Encryption

  • TLS 1.3 enforced on all traffic
  • JWT with short expiration for agent sessions
  • Certificate pinning supported
  • PostgreSQL encryption at rest

Production Hardening Checklist

Server

  • Dedicated VM or container, non-root user
  • Only port 443 exposed (reverse proxy)
  • Automatic security updates enabled
  • Fail2ban + strong SSH keys

Agents

  • Linux: systemd service as non-root where possible
  • Windows: Limited user + AppLocker
  • Debug logging disabled in production

Threat Model

VigilPrism mitigates common threats including agent compromise, man-in-the-middle attacks, token theft, and database breaches through layered controls.