Security
Tenant isolation and zero-knowledge encryption, by design.
Security here is an architecture, not an afterthought — enforced at the database, in every agent’s identity, and on the columns you choose to encrypt end-to-end.
Row-level tenant isolation
Postgres row-level security is enabled and forced on the core tables, so every query is scoped to your tenant at the database — not just in application code.
Zero-knowledge column encryption
Encrypt sensitive columns with AES-GCM and per-user P-256 keys, with owner escrow. We store ciphertext and cannot read the plaintext.
Per-seat agent identity
Every agent seat mints its own scope-pinned token — never a shared master key — so an agent can only touch what it has been explicitly granted.
Hardened auth
Bcrypt password hashing, rotating refresh tokens, and email verification, with an unverified scope until a new account confirms its address.
Encrypted secret columns
Store API keys and credentials in secret columns; plain reads return only whether a value exists, never the value itself.
Private semantic search
Search-by-meaning runs on tenant-local models on our own infrastructure — your content never goes to a metered third-party AI.
On compliance
Honest statusWe don’t hold SOC 2 or ISO certifications yet, and we won’t claim badges we haven’t earned. What we can offer today is the architecture above — forced row-level isolation, zero-knowledge encryption, and per-seat identity — plus a Data Processing Agreement on request. If a formal certification is a requirement for you, talk to us about the roadmap.
Security FAQ
Security questions, answered
How is one tenant’s data isolated from another’s?
What does zero-knowledge column encryption mean?
Do you have SOC 2 or ISO certifications?
How do AI agents fit the security model?
Build on a foundation you can read.
Start free and encrypt what matters from day one.