
Why Pretense is Fully Auditable (And What It Means for Enterprise Buyers)

Most security tools are black boxes. Pretense's mutation engine is fully documented and auditable. Here is why that decision makes Pretense more trustworthy, not less.

The Security Paradox

Here is the problem with most security tooling: you are supposed to trust it with your most sensitive data, but you cannot see how it works.

You are evaluating a DLP product. The vendor assures you that data leaving your environment is handled according to their security standards. Their documentation says the right things. Their sales engineer knows all the compliance buzzwords. But the actual code that processes your proprietary information, the algorithm that decides what is sensitive and what is not, the data paths that determine what gets logged and where: all of that is opaque.

You are trusting a black box to protect your secrets.

For most software categories, this is a reasonable tradeoff. You do not need to see the source code of your payroll system to trust that it processes payroll correctly. The audit mechanisms exist at the financial layer, not the code layer.

Security tools are different. The entire value proposition is that the tool can be trusted with sensitive data. If you cannot audit the tool, you are making an assumption about trustworthiness that the vendor is asking you to accept on faith.

Pretense's mutation algorithm is fully documented and verifiable. You do not need to trust us on faith. Enterprise customers receive a full technical security review package.

What Full Auditability Gives You

**You can verify the mutation algorithm.**

The core concern for any enterprise evaluating Pretense is this: does the tool actually prevent proprietary identifiers from leaving the network? Pretense provides full technical documentation of the scanner, mutation function, and reversal function. Enterprise customers can request a security review session with our engineering team.

Your security team can verify that the mutation map is never transmitted, and confirm that the proxy does not log real identifiers in any accessible location. That audit takes a day.

**You can verify that no data leaves your machine.**

The local-first architecture is a claim we make in all of our marketing. Pretense's proxy runs entirely on your machine. The mutation map is stored in .pretense/mutation-map.json. The audit log is local. The proxy does not make any outbound connections except to the LLM API endpoint you configure.

**You can request language support.**

Pretense's scanner today supports TypeScript, JavaScript, Python, Go, and Java. If your organization uses Rust, Kotlin, C++, or another language, contact us to prioritize that scanner module.

What We Keep Proprietary

The cloud dashboard, enterprise SSO and key management, support SLAs, and managed on-prem deployment are commercial offerings. The services that run in our infrastructure and require our ongoing operation are commercial.

For enterprise security buyers, the auditable architecture is a feature of the purchase decision. You are buying support, SLAs, and managed infrastructure from us. The code that actually touches your proprietary data runs locally on your machine.

The Enterprise Buying Case

Your legal team will have three questions. Here are the answers.

**Can we review it?** Yes. Enterprise evaluation includes a full technical security review package. Your security team can audit before purchase, during evaluation, and at any point during your subscription.

**Can we run it fully on-prem?** Yes. Enterprise tier includes Docker Compose and Kubernetes Helm chart deployment for fully air-gapped environments. No Pretense infrastructure required.

**What happens if we need to terminate?** Your mutation history and audit logs are yours. They are stored locally or in your own infrastructure. You are never locked into Pretense infrastructure to access your own compliance data.

Your Security Team's Questions Answered

**"How do we know the mutation map is not transmitted?"** The outbound connection handler accepts the mutation map as a constructor parameter and uses it to transform the request body before forwarding. The map is never serialized into the outbound request. Enterprise customers can verify this in the security review.
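As an added illustration, not Pretense's own code, here is a minimal handler that follows the pattern just described (map injected through the constructor, body rewritten before forwarding, map never serialized), together with the kind of check a security team could run over captured outbound bodies during the review. The map format, class name and function names are assumptions; the identifiers in the sample map are constructed.

```python
import json
import re

# Constructed sample map in the shape a local mutation map might take
# (hypothetical format: real identifier -> stable placeholder). The real
# .pretense/mutation-map.json layout is not documented on this page.
MUTATION_MAP = {
    "AcmeBillingLedger": "Class_A1",
    "acme_internal_api_key": "Ident_B2",
    "ledger.acme-corp.internal": "Host_C3",
}


def _alternation(keys):
    """Regex matching any key, longest first so nested identifiers are replaced whole."""
    if not keys:
        return re.compile(r"(?!)")  # never matches; guards against an empty map
    return re.compile("|".join(re.escape(k) for k in sorted(keys, key=len, reverse=True)))


class OutboundHandler:
    """Hypothetical handler: the map arrives via the constructor, is used to
    rewrite request text, and is never part of anything serialized outbound."""

    def __init__(self, mutation_map: dict[str, str]):
        self._forward = dict(mutation_map)
        self._reverse = {v: k for k, v in mutation_map.items()}
        self._fwd_re = _alternation(self._forward)
        self._rev_re = _alternation(self._reverse)

    def mutate(self, text: str) -> str:
        return self._fwd_re.sub(lambda m: self._forward[m.group(0)], text)

    def reverse(self, text: str) -> str:
        return self._rev_re.sub(lambda m: self._reverse[m.group(0)], text)

    def build_outbound(self, prompt: str) -> bytes:
        # Only the mutated prompt is serialized; self._forward never enters the body.
        payload = {"messages": [{"role": "user", "content": self.mutate(prompt)}]}
        return json.dumps(payload).encode()


def audit_outbound(body: bytes, mutation_map: dict[str, str]) -> list[str]:
    """Review check: every real identifier from the map found in an outbound body
    (expected result on a correct deployment: an empty list)."""
    text = body.decode()
    return [real for real in mutation_map if real in text]


if __name__ == "__main__":
    handler = OutboundHandler(MUTATION_MAP)
    body = handler.build_outbound("Point AcmeBillingLedger at ledger.acme-corp.internal")
    print(body.decode(), audit_outbound(body, MUTATION_MAP))
    print(handler.reverse("Class_A1 now resolves Host_C3"))
```

Running `audit_outbound` over bodies captured at the egress point is the verification step; the reverse function shows why the locally held map, not the algorithm, is what restores the real identifiers.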

**"What happens if the mutation algorithm has a bug that exposes real identifiers?"** All bugs are tracked and disclosed in our security advisory process. Enterprise customers receive immediate notification of any security-relevant issues.

Conclusion

Auditability in security is not naive. It is the correct technical and commercial decision for a tool that asks enterprises to trust it with their most sensitive data.

The mutation engine being auditable is the feature. The algorithm being documented does not help an attacker. Knowing how AES-256 works does not help you decrypt traffic without the key. Knowing how Pretense mutates identifiers does not help you reconstruct the mutation map. Your mutation map is the secret, and it never leaves your machine.

Security through obscurity is not security. Pretense is secure because the architecture is local-first, not because the algorithm is hidden.

[Talk to us about enterprise deployment](/early-access)
