Skip to main content
Cube5

Security & Privacy

Yourdata,yourrules.

Enterprise AI adoption is limited by trust, not capability. Cortex makes security, auditability, and deployment boundaries visible from day one.

Data isolation

Every tenant operates in a fully isolated environment. Your data is never mixed with other organizations. Indexes, storage, and processing are scoped to your tenant.

Traceability

Every AI-generated output links to its source documents with inline citations. Full audit trails for all user actions, queries, and generated artifacts.

Access control

Container-based RBAC with role inheritance. Admins, editors, and viewers. Private containers block inheritance for sensitive content. Permissions enforced at the service layer.

Deployment flexibility

Cube5-hosted single-tenant, customer VPC with private networking, or on-premises deployment. Choose where your data lives based on your compliance requirements.

AI governance

AI should augment human judgment, not replace it. Cortex enforces guardrails at every stage of the AI pipeline.

  • AI outputs are advisory — human review gates before finalization
  • No customer data used for model training
  • LLM calls are logged and traceable via Langfuse
  • Citation-first design: claims without evidence are flagged
  • Model selection configurable per deployment
  • Input/output filtering for sensitive content

    • Compliance

    Built to meet the highest security standards for enterprise and heavily regulated industries.

  • SOC 2 Type II (in progress)
  • GDPR-compliant data processing
  • Data residency options (EU, US, custom)
  • Right to erasure support
  • Data processing agreement available
  • Regular third-party security assessments

    • Questions about security?

    We're happy to walk through our security architecture, share our security documentation, or discuss your specific compliance needs.

    Talk to our security team