Security

Your IP is the asset.
We treat it that way.

Security is not a feature at NeevSemi — it is the premise. Every product decision starts with the question: how do we ensure your semiconductor design data stays yours?

By Product

Security built into every layer

Each NeevSemi product has a distinct security posture matched to where it sits in your infrastructure.

On-Premise

LLMLocal

Highest Security Tier
  • Air-gapped deployment — runs entirely behind your firewall with no outbound connections required after setup
  • Zero data egress — prompts, completions, and design data never leave your network
  • ITAR & export control compliance — deployment configuration validated for regulated environments
  • Audit logs under your control — all inference logs stored locally, never transmitted to NeevSemi
  • Fine-tuning on proprietary data — training runs stay on your GPU cluster

Gateway

LLMGateway

Enterprise Security Tier
  • TLS encryption in transit — all API traffic encrypted end-to-end between EDA tools, gateway, and providers
  • Semantic audit logging — every request and response is logged with intent metadata for compliance review
  • Rate limiting & access controls — per-team and per-workflow token budgets enforced at the gateway
  • Provider isolation — credentials for each LLM provider are vaulted separately, never exposed to EDA tools

Benchmark

LLMScoreBench

Configurable Data Scope
  • Benchmark data stays local — custom benchmark tasks run against your local or air-gapped LLM deployment, not sent to NeevSemi servers
  • Isolated scoring environment — evaluation pipeline runs in a sandboxed context per benchmark run
  • No design IP in shared infrastructure — benchmark results are never aggregated or shared without explicit customer consent

Website & Infrastructure

How we protect neevsemi.com

HTTPS Everywhere
All traffic to neevsemi.com is encrypted via TLS 1.2+. HTTP requests are automatically redirected to HTTPS. HSTS headers enforce secure connections.
Minimal Data Collection
We collect only what you give us via the contact form. No third-party analytics trackers, no advertising pixels, no cross-site fingerprinting scripts on this site.
Access Controls
Backend systems and form submissions are accessible only to authorised NeevSemi personnel under role-based access controls with multi-factor authentication enforced.
Dependency Hygiene
This website runs on zero third-party JavaScript CDN dependencies. No external scripts are loaded, eliminating supply chain attack vectors entirely.
Secure Headers
Content Security Policy, X-Frame-Options, X-Content-Type-Options, and Referrer-Policy headers are set to mitigate XSS, clickjacking, and information leakage.
Regular Reviews
Our security posture is reviewed periodically by the founding team. We aim to achieve formal third-party penetration testing as the product matures.

Responsible Disclosure

Found a vulnerability?

We take security reports seriously. If you discover a potential security issue in our website or products, please disclose it responsibly before making it public.

Email us at [email protected] with the subject line "Security Disclosure". Include a description of the issue, steps to reproduce, and potential impact. We commit to acknowledging your report within 5 business days and working with you on a coordinated disclosure timeline.

We do not operate a bug bounty programme at this time, but we genuinely appreciate responsible researchers who help make the ecosystem safer.

Questions about our security posture?

Our team is happy to walk through security requirements specific to your environment — especially for ITAR-regulated or high-security deployments.

Contact Us