Security & Compliance

Enterprise-grade security from day one. Your data stays in your infrastructure.

Security Features

SOC 2 Type II

Available

Comprehensive security controls audited annually. Trust center available on request.

HIPAA

Q2 2026

Healthcare compliance with BAA. PHI handling with encryption at rest and in transit.

Your AWS Account

Available

Deploy to your own AWS infrastructure. Data never leaves your environment. Full sovereignty.

Encryption

Available

AES-256 at rest. TLS 1.3 in transit. Customer-managed KMS keys on Enterprise.

SSO & SAML

Enterprise

Okta, Azure AD, Google Workspace. Enterprise single sign-on with SAML 2.0 and OIDC.

Role-Based Access

Available

Granular permissions for agents, knowledge bases, and workflows. Team and org policies.

Audit Trail

Available

Every action logged with user, timestamp, and context. Export to your SIEM.

Session Management

Available

View active sessions. Revoke access remotely. Configurable timeout policies.

Compliance Roadmap

SOC 2 Type II

Available now

GDPR

Available now

HIPAA

Q2 2026

PCI DSS

Q3 2026

ISO 27001

Q4 2026

How We Handle Your Data

All LLM calls route through AWS Bedrock - no data sent to external AI providers
PII detection and redaction in agent responses
Input sanitization to prevent prompt injection
Citation verification and quality scoring
90-day retention on chat messages (configurable)

Request Security Review Start Free

Back to Home

Security & Compliance

Enterprise-grade security from day one. Your data stays in your infrastructure.

Security Features

SOC 2 Type II

Available

Comprehensive security controls audited annually. Trust center available on request.

HIPAA

Q2 2026

Healthcare compliance with BAA. PHI handling with encryption at rest and in transit.

Your AWS Account

Available

Deploy to your own AWS infrastructure. Data never leaves your environment. Full sovereignty.

Encryption

Available

AES-256 at rest. TLS 1.3 in transit. Customer-managed KMS keys on Enterprise.

SSO & SAML

Enterprise

Okta, Azure AD, Google Workspace. Enterprise single sign-on with SAML 2.0 and OIDC.

Role-Based Access

Available

Granular permissions for agents, knowledge bases, and workflows. Team and org policies.

Audit Trail

Available

Every action logged with user, timestamp, and context. Export to your SIEM.

Session Management

Available

View active sessions. Revoke access remotely. Configurable timeout policies.

Compliance Roadmap

SOC 2 Type II

Available now

GDPR

Available now

HIPAA

Q2 2026

PCI DSS

Q3 2026

ISO 27001

Q4 2026

How We Handle Your Data

All LLM calls route through AWS Bedrock - no data sent to external AI providers
PII detection and redaction in agent responses
Input sanitization to prevent prompt injection
Citation verification and quality scoring
90-day retention on chat messages (configurable)

Request Security Review Start Free