Security & Compliance
Enterprise-grade security from day one. Built on AWS Bedrock with full tenant isolation and audit logging.
Security Features
Built for enterprise
Security controls that protect your data and satisfy compliance requirements.
VPC Isolation
AvailableAll resources deployed in private subnets. RDS Proxy, S3 Gateway endpoint, and Lambda in private VPC.
KMS Encryption
AvailableAES-256 at rest with AWS KMS across Aurora, S3, and OpenSearch. TLS 1.3 in transit.
Dedicated Deployment
EnterpriseIsolated single-tenant deployment with dedicated Aurora, AgentCore, and CloudFront — operated by us for regulated industries.
Multi-Tenant RBAC
AvailableFour-tier role hierarchy with PostgreSQL row-level security enforcing tenant isolation at the database level.
CloudTrail Audit Logging
AvailableEvery API call logged via CloudTrail. Application-level audit trail with user, timestamp, and action context.
Infrastructure Audit Tests
AvailableAutomated compliance test suites for HIPAA, SOC 2, GDPR, NIST 800-53, and ISO 27001 controls.
Cognito Authentication
AvailableCognito User Pool with invite-only registration, MFA, and OAuth/OIDC.
AWS Bedrock Only
AvailableAll AI inference through AWS Bedrock. No data sent to third-party AI providers. Region-scoped.
Infrastructure Compliance Tests
Automated audit test suites
Infrastructure compliance tests against major frameworks, built on AWS compliance-eligible services.
SOC 2 Controls
Tests included
HIPAA Controls
Tests included
GDPR Controls
Tests included
NIST 800-53
Tests included
ISO 27001
Tests included
Data Handling
- All LLM calls route through AWS Bedrock — no data sent to third-party AI providers
- Encrypted at rest (KMS) and in transit (TLS 1.3)
- PostgreSQL row-level security enforces tenant isolation on every query
- CloudTrail audit logging on all API calls
- Dedicated single-tenant deployments available for regulated industries
Ready to discuss security?
We can provide security documentation, answer compliance questions, and schedule a review.