AI Security & Governance
Overview
To ensure AI-powered features are safe, secure, and privacy-respecting, we have implemented industry-standard security controls aligned with frameworks such as NIST and ISO 42001.
Our AI features follow all previously stated security controls.
Governance & Risk Management
Monte Carlo maintains a documented inventory of all third-party AI models integrated into our solutions, including use-case purpose, data flow, and vendor details.
Governance procedures assign clear accountability for AI security and privacy at every stage: implementation, operation, and incident response.
AI projects are guided by established governance frameworks. We set clear accountability for AI development and deployment, including formal review of new features by technical, security, and compliance teams before launch. Policies are regularly updated to incorporate emerging best practices and legal requirements.
Model Development and Evaluation
We build AI solutions starting with carefully defined business objectives and use only data sources vetted for quality and relevance. Model performance is independently validated with robust testing for accuracy, reliability, and resilience against adversarial scenarios. We monitor for potential bias and address findings before features reach production.
Transparency and Explainability
We strive to ensure that AI system behavior is understandable and interpretable. Users are informed where and how AI is used in the platform, and explanations are provided for key outcomes where practical. Documentation of model logic and training processes is maintained for internal review and audit.
Data Protection & Privacy
Monte Carlo encrypts data at rest and in transit before any interaction with external AI services.
Only the minimum necessary data is sent for processing, with sensitive identifiers and confidential records anonymized wherever possible.
Monte Carlo does not use customer data or AI prompts to train external models; contractual restrictions with AI partners enforce this.
All data used for AI model development and operations is processed in secure, encrypted environments. Personal and sensitive information is protected throughout, in compliance with data privacy regulations such as GDPR and the EU-U.S. Data Privacy Framework. Access to training and operational data is tightly restricted and logged.
Data Isolation
Strong isolation ensures that AI pipeline metadata from one customer is never co-mingled with another's.
Customer data remains the property of the customer; Monte Carlo only accesses data as needed for observability.
Access Controls
Role-based and attribute-based access policies restrict who can interact with AI features and underlying data.
Multi-factor authentication (MFA) is required for both administrative and operational access to AI systems and model APIs.
All model access and decision logs are monitored.
Secure Model Interaction
Prompt and input validation is enforced for all AI features to prevent prompt injection, adversarial manipulation, and data leakage.
API keys and credentials are scoped per environment and rotated regularly, with secrets management tools ensuring safe storage and access.
MCP Server Security
Tool Governance
Every tool exposed by the Monte Carlo MCP Server is first-party: defined, reviewed, and maintained by Monte Carlo. Tool names, descriptions, and input schemas are reviewed by engineering and security as part of the standard pre-release feature review before a tool is added to a published toolset. Tool descriptions are version-controlled and change only through that review path, so they cannot be silently altered to mislead a connected model into unintended actions. Toolsets let administrators further restrict which reviewed tools are exposed to a given client.
Sustainability and Ownership
The Monte Carlo MCP Server is a first-party, fully managed service built and operated by Monte Carlo and hosted within Monte Carlo's AWS environment. It is not a community or third-party MCP server, so the abandonment and malicious-takeover risks associated with unmaintained public MCP servers do not apply: there is no third-party package or registry in the trust path that a bad actor could take over. MCP Server deprecations follow the same advance-notice approach Monte Carlo applies to its other API surfaces. MCP Server keys are scoped credentials that grant access only to the MCP Server and can be rotated or revoked independently of other Monte Carlo integrations.
Monitoring & Incident Response
Monte Carlo continuously monitors all AI model activity, API calls, and outbound data for unusual behavior or security events.
Automated anomaly detection flags suspicious usage for investigation by our security team.
Monte Carlo's incident response plan includes procedures for assessing, containing, and notifying on breaches involving third-party AI vendors.
Once deployed, AI models are subject to continuous monitoring for drift, unexpected outcomes, and vulnerabilities. Automated alerts and manual review processes are in place to catch anomalies early. Incident response procedures include rapid rollback and root-cause analysis. Updates and patches are applied promptly to address new risks.
Ongoing Improvement
We regularly review and update our AI risk management protocols in response to advancements in technology, regulatory changes, and customer feedback. Audit logs, performance metrics, and user reports are leveraged to identify and mitigate emerging risks.
Compliance
All model integrations comply with data protection regulations such as GDPR and CCPA, as applicable to customer geography and sector.
External security audits and penetration tests are conducted at least annually, with AI-specific attack scenarios (for example, prompt injection and tool-misuse paths against AI and MCP surfaces) included in scope. AI penetration testing is also performed within Monte Carlo's CI pipeline. Findings are remediated within published SLAs.
Customers can request reports of AI system interactions and data handling for review and compliance.
Subprocessors and Model Vendors
Subprocessors do not use AI pipeline metadata for their own model training or service improvement.
Subprocessor Change Notification
Monte Carlo notifies customers before adding or replacing a subprocessor where the customer has subscribed to subprocessor update notifications. Customers can subscribe by emailing [email protected] with the subject line "Subprocessor Notification Request." Subscribed customers have a 15-calendar-day window to object to a newly added subprocessor under the terms of the Data Processing Addendum. Routine model-version updates within the existing provider (for example, newer Anthropic Claude versions in AWS Bedrock) occur under the same data-handling and contractual controls and do not change the subprocessor of record.
