Privacy & Security

Certification¶

Escape is committed to maintaining the highest standards of security and privacy protection for our customers' data. We maintain SOC 2 Type II certification and implement comprehensive security controls across infrastructure, organizational processes, product security, and data privacy.

For detailed information about our security practices, compliance certifications, security controls, and privacy policies, visit our Trust Center.

SOC 2 Type II Certification

Policies and TOS¶

• Privacy Policy
• Terms of Service
• Escape AI Overview & Trust Guidelines

AI Models¶

Escape's AI-powered features — including AI Pentesting and Agentic Crawling — are not built on a single LLM. Escape uses a portfolio of models, routing each sub-task (crawling, exploit design, exploit validation, planning, evidence summarization) to the model best suited for that stage. The portfolio includes frontier commercial models (OpenAI, Anthropic, Google) and open-weight models hosted on Escape-controlled infrastructure.

We continuously benchmark new models as they are released and swap in whichever performs best on Escape's internal security-evaluation harness. The specific routing logic is part of Escape's private IP.

Data handling guarantees:

• Customer data is never used to train third-party or in-house models.
• Zero-retention agreements are in place with commercial providers where available — prompts and responses are not retained by the provider.
• Open-weight models used in sensitive contexts run entirely on Escape-controlled infrastructure.
• Organization administrators can disable all AI Pentesting activity via the AI Pentesting Kill Switch.

For the per-agent, per-stage breakdown, see AI Pentesting — How It Works: AI Models.

Contact¶

For security-related inquiries, contact us at security@escape.tech.

For privacy-related inquiries, contact us at privacy@escape.tech.