Public commitments · Closed

Public commitments registry

All six enterprise documentation commitments from the BeProof PRD are published on this website for pilot and procurement review. BeProof remains pilot-ready — not full Enterprise GA.

Commitments documented6/6

Closure status

6 of 6 PRD public commitments documented with public pages — retention, support matrix, SSO/RBAC, isolation/encryption, vulnerability disclosure, versioning.

1

Retention schedule

Documented

Personal, managed endpoint, and control plane retention — default 90 days upstream in pilot.

2

macOS support matrix

Documented

macOS 14–15, Apple Silicon, permissions, PPPC, and MDM deployment runbooks.

3

SSO / RBAC model

Documented

Firebase admin auth (pilot), four org roles, device JWT enrollment. SAML/OIDC — post-GA.

4

Tenant isolation & encryption

Documented

Per-tenant scope, RBAC, TLS. Journal payloads are encrypted; inventory tables are metadata-only but not encrypted in the current release. Ed25519 export signing; GCP cloud encryption.

5

Vulnerability disclosure

Documented

Private report channel, 3-day ack target, latest-release support policy, safe harbor.

6

Unified versioning contract

Documented

Three independent axes: app release, Policy Pack semver, data contract version — all in export manifest.

Pilot → GA documentation pack

Public commitments closure completes the pilot → GA documentation pack:

Post-pilot gaps (documented honestly)

These are not hidden — they are outside the six PRD public commitments and remain roadmap or contractual items:

  • BeProof SOC 2 / ISO 27001 certification
  • SAML/OIDC enterprise admin SSO
  • SIEM production streaming (M4)
  • EU data residency (on requirement)
  • Enterprise SLA and commercial pricing