Security for the way intelligence lives, not just how it performs.
Security extends beyond protecting data and into how we design for continuity, identity, and responsible intelligence.
Transparency as design
We don’t hide behind systems. What we build, how it works, and where it’s evolving—made visible.
Security as structure
Protection isn’t layered on. It’s embedded into the architecture from the first decision.
Privacy as control
Your data isn’t ours to hold—it’s yours to govern. Clear control over what exists, persists, and is forgotten.
Accountability in motion
We don’t claim perfection. We commit to visibility, responsibility, and continuous correction.
Security status
Click to filter through the evolving security areas.
Showing: All security areas
01
Identity & Access
Who can act in the system—and how we prove it—before any memory or tool is touched.
Key areas
- Authenticated sessions and tenant-scoped tokens
- Least-privilege roles for internal operations
- Dashboard and API access separated by surface
Approach
Identity is the gate for continuity: we design every path so the right principal is explicit, revocable, and auditable. Strong defaults today; OAuth-scoped access and hardware-backed options on the roadmap.
02
Memory & Continuity
Protecting encrypted memory at rest, in transit, and at the boundaries where intelligence persists.
Key areas
- Envelope encryption at rest (XChaCha20-Poly1305 primary, AES-256-GCM) with a per-tenant key hierarchy
- Encrypted search — vector recall runs over per-tenant encrypted embeddings, engineered to preserve retrieval quality versus plaintext
- TLS 1.3 between services and clients
- Cross-tenant isolation by construction — separate content keys, separate per-tenant vector encryption (scale, rotation, perturbation), and row-level isolation, so two customers who save the exact same words produce uncorrelated encrypted content and vectors
Approach
Continuity is only trustworthy if the substrate is. Encryption at rest is mandatory, isolation is enforced below the app layer, and vector recall runs over per-tenant encrypted embeddings — engineered for full-quality recall, never pooled with anyone else, never used to train a model. Today your per-tenant key is safeguarded by EREBYX; our v0.2 milestone is designed to hand that key to you alone — zero-knowledge memory engineered so that not even we can read it. You're early to that journey, and we document each step honestly so you always know exactly where the line is.
03
Integrations & Permissions
How connectors, MCP, and third-party tools are scoped so agents never exceed intent.
Key areas
- Scoped API credentials and connector manifests
- MCP surface review before GA features ship
- Per-environment separation for beta vs production
Approach
Integrations are force multipliers and risk multipliers. We treat each connector class as a trust boundary: minimal scopes, clear revocation, and a path to OAuth Remote MCP so keys leave config files behind.
04
AI & Model Safety
Guardrails around inference, retrieval, and automation so models amplify policy—never bypass it.
Key areas
- Pipeline controls for summarization and retrieval
- Human-in-the-loop for high-impact actions (roadmap)
- Evaluation harnesses for regression on memory tasks
Approach
Model safety here means architectural safety: bounded context, observable pipelines, and refusal to silently expand scope. We ship incrementally and publish limits alongside capabilities.
05
Data Governance & Privacy
Classification, retention, and disclosure so customers always know what crosses a boundary.
Key areas
- Published subprocessors and data regions
- Retention aligned to product purpose
- Customer-initiated export and deletion paths
Approach
Privacy is a systems property: we pair technical controls with plain-language disclosure. EU alignment and DPA workflows follow customer demand; today we are US-first beta with explicit statements on residency.
06
Infrastructure Security
Network segmentation, patching discipline, and hardened runtime for the services that carry memory.
Key areas
- Provider hardening (OVH primary, warm standby)
- Secrets management and rotation practices
- Baseline images and dependency hygiene
Approach
Infrastructure security is boring on purpose: fewer moving parts, verifiable baselines, and a migration path to TEE-hosted inference as we exit shared-model dependencies in v0.2.
07
Monitoring & Response
Detection, logging, and incident rhythm so issues surface early and resolve quickly.
Key areas
- Centralized logs with access-controlled retention
- Alerting on availability and auth anomalies
- Runbooks for containment and customer communication
Approach
We optimize for fast truth: when something breaks, we can trace it, scope it, and tell customers what happened within a committed window. Public incident reporting ships with the transparency program.
08
Compliance & Governance
Policies, insurance, and audit roadmap—stated conservatively until third-party evidence exists.
Key areas
- Tech E&O + cyber liability (Embroker / Everspan)
- Targeted third-party audit (2026 roadmap)
- SOC 2 Type II evaluated against customer demand
Approach
We do not borrow trust we have not earned. Compliance milestones are published with dates; until audits complete, claims stay grounded in architecture and operational practice—not badges.
09
Responsibility & Ethics
Permanent commitments on training, resale of memory, and how we refuse dark patterns in the product.
Key areas
- No training on customer memories — ever
- No ads or third-party data brokerage in retrieval paths
- Advance notice + export before material policy reversals
Approach
Ethics is encoded in what we refuse to build: intelligence that respects the person includes hard noes on surveillance business models and extractive defaults. The written commitments on our disclosures page are contractual in spirit.
Have a security question or vulnerability report? We read every message and route it with priority.
[email protected]