Security Architecture
Built for the Security Teams That Will Review It
CISOs and Security Architects don't take governance products on faith. Here is exactly how Gatepost is deployed, what it can access, and what it cannot.
Principles
Six Security Principles
Each principle maps to a specific architectural decision you can verify during a technical review.
In-Tenant Deployment
Gatepost deploys exclusively as Azure resources within your subscription. The control plane, audit store, and policy engine all run in your environment. Gatepost has no infrastructure that your data ever reaches.
Zero Trust Architecture
Every internal service-to-service call is authenticated via managed identity. There are no shared credentials, no API keys stored in application config, and no permanent privileged access required during steady-state operation.
Entra ID Native Integration
Agent identity enforcement is implemented entirely through Entra ID service principals and managed identities — the same identity plane your security team already monitors, rotates, and audits.
Audit Log Integrity
Retrieval audit records are written to append-only Azure Log Analytics. Cryptographic chaining ensures tamper-evidence. Gatepost's own operators cannot modify or delete audit records once written.
Data Residency
Because Gatepost is deployed in your tenant, data residency is determined by your Azure region selection — not Gatepost's. EU customers deploy in EU regions. Data sovereignty requirements are met by design.
Blast Radius Containment
Each Gatepost deployment component operates with the minimum required permissions. A compromise of any single component cannot yield access to document content — only to metadata and audit records.
Identity Integration
Entra ID Native. No Shadow Identity.
Gatepost does not maintain a separate identity store. Every identity assertion runs through your Entra ID tenant. Your security team retains full visibility and control.
- Service principals registered in your Entra ID tenant — not Gatepost's
- Conditional Access policies applied to Gatepost service accounts
- PIM-eligible roles for Gatepost administrative access
- Audit of all Gatepost service account sign-ins via Entra audit logs
- Support for Entra Workload Identity Federation
Identity Enforcement Flow
Audit Trail
Your logs. Your workspace. Your evidence.
- Workspace: Your Log Analytics workspace — you own the data
- Retention: Configurable — default 90 days, extendable to 7 years
- Schema: Open KQL-queryable schema — no proprietary lock-in
- SIEM: Microsoft Sentinel connector included
- Export: Structured JSON export for eDiscovery and regulator requests
- Integrity: Append-only with cryptographic chain verification endpoint
Request a Technical Architecture Review
We provide detailed architecture documentation, infrastructure-as-code review, and direct access to our security team for enterprise evaluations.