Governance Model

Security governance is enforced through backend-first policy controls.

Cross-organization visibility is blocked unless explicitly authorized.

Scan and finding lifecycle transitions remain reviewable for forensic workflows.

Protected operations require explicit role and scope checks.

Uncertain authorization or policy context results in blocked operations.