Security & credential handling
VaultLayer runs training jobs on your own cloud (BYOC) or on managed GPU capacity. Here is what it accesses, how credentials are used, and what we are still hardening — stated plainly, without security theater.
What VaultLayer accesses
Only the credentials you provide, and only to do one thing: provision, run, and tear down the compute for your training job. Under BYOC the job runs on your own cloud account. VaultLayer is a control plane, not a data broker — it does not use your credentials for anything outside running your jobs.
Fail-closed by design
vl run --byoc errors hard and stops if no compute credentials are set — it does not silently fall back to managed capacity, so a job cannot end up running somewhere you did not intend. BYOC jobs run only on the cloud you connected.
Per-job isolation
Each job runs on its own provisioned instance with credentials scoped to that job — you are not sharing a container with other customers, and instances are torn down after the run. For managed runs, checkpoint storage uses short-lived, job-scoped credentials rather than a shared long-lived key.
What we're still hardening (stated honestly)
We are a small team and would rather be straight than oversell. We are actively hardening how BYOC compute credentials are passed to instances and our secret-handling posture across providers, and we do not currently publish a formal certification such as SOC 2. If you are running a security review or have specific requirements, email the founder for direct, honest answers about the current state.
Frequently asked questions
What can VaultLayer access in my cloud account?
Only what a training run needs: the credentials you connect are used to provision, run, and tear down your job's compute, and nothing else.
What happens if I run --byoc without credentials?
It fails closed — a hard error, and the job does not run. VaultLayer does not fall back to managed capacity for a BYOC job, so nothing runs on infrastructure you did not connect.
How do I request a security review or report an issue?
Email rahuljain@vaultlayer.cloud — you will reach the founder directly for a security review, a questionnaire, or to report a vulnerability.
Questions about security?
Email the founder directly for a security review, a questionnaire, or specifics on our current credential-handling posture.
Sign upEvaluating for a team, or bringing your own cloud or GPU contract? Talk to us — you'll reach the founder directly.