Skip to main content

Security

Security is not a feature. It is the foundation.

Every layer of Cortex is designed with security-first principles. Full audit trails, encryption, and compliance built in.

Encryption

AES-256 encryption at rest. TLS 1.3 for all data in transit. Customer-managed encryption keys available on Enterprise.

Compliance-ready architecture

Continuous monitoring, evidence collection, and audit-ready reporting designed against SOC 2, ISO 27001, and HIPAA controls. Independent audit reports available under NDA for Enterprise customers.

PII Redaction

Automatic detection and redaction of personal identifiable information in traces and logs.

Data Residency

Deploy in AWS us-east-1, eu-west-1, or ap-southeast-2. Data never leaves your selected region.

Audit Logging

Immutable audit trail for every API call, approval decision, and configuration change. 1-year retention.

Access Control

Role-based access control (RBAC) with granular permissions per workspace, agent, and API key. FIDO2 hardware keys and platform passkeys for admin actions.

Compliance

Standards and certifications

SOC 2 mappingGDPRCCPAISO 27001 mappingHIPAA-readyEU AI Act ready

Need our compliance documentation or have security questions?

Contact security team
DemoUI kit preview — content is fictional.