We’re SOC 2 Type 2 compliant.
Request reports here.
Penetration test completed on 10-08-2004.
Performed a SOC 2 Type 2 examination.
Client data processed through BizAI is never retained or used for training. Fisent ensures this with our own APIs and with our adjusted agreements with model providers.
All data at rest is secured using AES-256 encryption, and data in transit is encrypted using TLS 1.3.
Our GenAI Efficacy Framework (GEF) allows clients to track output accuracy and ensure internal standards are met prior to and following deployment.
The principle of least privilege is applied: users are added through the console provided by the cloud service provider. Access requires strong MFA and is limited to specific employees with a need for access.
Fisent compliance partners conduct regular security audits and penetration tests to identify and address any vulnerabilities.
All our employees receive routine security awareness training, creating a culture of security consciousness.
BizAI is a zero-retention solution: no data beyond simple API usage metrics (e.g., processing time, volumes, etc.) is retained or persisted. Fisent does not store client prompts, outputs or inputs and does not train or fine-tune models on processed client data. Additionally, the enterprise LLMs used by BizAI do not train on client data. In other words, clients can process content without concern about their inputs, outputs or prompts being retained in any form. Client data is only stored within a client’s own application layer.
Fisent mitigates hallucinations and provides clients with unparalleled accuracy by layering a range of proprietary and research prompt techniques into BizAI deployments. Additionally, with our analytics tools, clients can easily view output accuracy rates prior to deployment. Finally, BizAI outputs have a high degree of explainability through the rationale function which provides a brief explanation of the logic behind the generated outputs.
BizAI is built in AWS with serverless technology enabling infinite scalability. Additionally, Fisent’s agile engineering team consistently monitors usage patterns and performance to proactively mitigate any service outages.
BizAI leverages AWS architecture, which is natively multi-tenant, enabling separation of data requests. Second, BizAI usage is an API-request-based process, meaning users do not log in to use BizAI; it’s “machine to machine”. Additionally, the required use of a customer-assigned unique API key is incorporated into the temporary data-at-rest construct.
We apply several layers of controls to protect your data, including HTTPS, in-memory processing, and AWS platform-managed encryption of all storage services (e.g., 256-bit Advanced Encryption Standard Galois/Counter Mode (AES-GCM)).
We conduct code reviews for every pull request. Furthermore, code packages are scanned daily for security vulnerabilities and incident reports. The branching and merging strategy is enforced by rules to prevent unauthorized changes, and access and deployment controls follow least privilege.
Yes, we do conduct PenTests. Additionally, we invest in test automation that is run daily and includes endpoint testing with a security focus. Also, the surface area is restricted to a set of API endpoints supported by AWS API Gateway, a mature best-in-class service.