We’re SOC 2 Type 2 compliant.
Request reports here.
Penetration test completed
on 10-08-2024.
Performed a SOC 2 Type 2
examination.
As one of the top-performing syndicates in the Lloyd’s of London insurance market, AEGIS faced the challenge of ingesting, analyzing, and responding to inbound information that comes in varying structures and diverse formats. One example is submissions from insurance brokers requesting policy adjustments that potentially impact exposure or premiums. This labor-intensive work, often involving underwriters, diverts valuable time from underwriting new business. Fisent BizAI was quickly able to begin processing the multitudes of structures, languages, and formats seamlessly to deliver actionable data into the enterprise workflow - creating cost and speed advantages and improving the way data is used to drive more timely and informed business decisions.
Using Fisent’s BizAI to digitize and automate the process, Connection is now able to process orders in as few as 4 minutes rather than up to 4 hours. As a result, order fulfillment has been expedited and time-to-revenue has been reduced.
Recently Fisent Risk was implemented within Aruba Bank and Orco Bank, to fully digitize and automate their onboarding/KYC assessments. These banks serve consumers and legal entities in four distinctly unique countries. Fisent Risk was able to save over 71,000 business hours and generate over $1,000,000 in annualized savings.
Fisent enabled KR to transition from a manual knowledge worker based approach to a digital AI-powered system that reduced manual input errors by 90%. This shift reduced time spent on quality assurance and accelerated testing by 50% while also enabling Kaufman Rossin clients to access real-time reports and trend analysis.
Client data processed through BizAI is never retained or used for training. Fisent ensures this policy applies to our own APIs and with our enterprise agreements with any third party model hosts.
All data at rest is secured using AES-256 encryption, with data in transit is encrypted using HTTPS (TLS 1.2/1.3).
Our GenAI Efficacy Framework (GEF) allows clients to track output accuracy and ensure internal standards are met prior to and following deployment.
All our employees receive routine security awareness training, creating a culture of security consciousness.
Fisent employs a strict policy of least-privilege access to systems and data, which includes the use of strong MFA. BizAI’s codebase leverages infrastructure-as-code to ensure fine-grained permissions are granted to services and components defined within the architecture. Network activity and system access is continuously monitored with alarms to alert on suspicious events.
Fisent’s compliance partners conduct regular security audits and penetration tests to identify and address any vulnerabilities.
Through Fisent’s partnership with Vanta, security controls are monitored in real-time and adapt as compliance frameworks evolve. Fisent’s Trust Center enables customers a real-time view of controls, and a central place to view all compliance documentation.
BizAI is a zero-retention solution, where no data beyond simple API usage metrics (e.g., processing time, volumes, etc.) are retained or persisted. Fisent does not store client prompts, outputs or inputs and does not train or fine tune models on processed client data. Additionally, the enterprise LLMs used by BizAI do not train on client data. In other words, clients can process content without concern of their inputs, outputs or prompts being retained in any form. Client data is only stored within a client’s own application layer.
Fisent mitigates hallucinations and provides clients with unparalleled accuracy by layering a range of proprietary and research prompt techniques into BizAI deployments. Additionally, with our analytics tools, clients can easily view output accuracy rates prior to deployment. Finally, BizAI outputs have a high degree of explainability through the rationale function which provides a brief explanation of the logic behind the generated outputs.
BizAI is built in AWS with serverless technology enabling infinite scalability. Additionally, Fisent’s agile engineering team consistently monitors usage patterns and performance to proactively mitigate any service outages.
BizAI leverages AWS architecture which is natively multi-tenant – enabling separation of data requests. Secondarily, BizAI usage is an API request based process, meaning Users do not login to utilize BizAI – it’s “machine to machine”. Additionally, the required use of a customer-assigned unique API Key is incorporated into temporary data-at-rest construct.
We apply several layers of controls to protect your data some of which include: HTTPS, In-memory processing, AWS platform managed encryption of all storage services (e.g., 256-bit Advanced Encryption Standard Galois/Counter Mode (AES-GCM)).
We conduct code reviews for every pull-request. Furthermore, code packages are scanned daily for security vulnerabilities and incident reports. Code branches and merging strategy is rule enforced to prevent unauthorized changes, and access and deployment controls are least-privilege control.
Yes, we do conduct PenTests. Additionally, we invest in test automation that is run daily and includes endpoint testing with a security focus. Also the surface area is restricted to a set of API endpoints supported by AWS API Gateway, a mature best-in-class service.
