Built for teams that need audit trails.
Enterprise-grade security, compliance, and data protection from day one. Every interaction logged, every decision traceable.
Security by Design
End-to-End Encryption
All data encrypted in transit (TLS 1.3) and at rest (AES-256). Your workspace data, memory, and conversation history stay encrypted across our infrastructure.
Complete Audit Trails
Every agent action, tool invocation, and model call is logged with full context. Reconstruct any output end-to-end — who requested it, which agents ran, which models were called, and when.
Role-Based Access Control
Granular permissions for every workspace. Admins set budgets and access rules, editors do the work, viewers observe. No unauthorized access.
SOC 2 Type II (In Progress)
Currently undergoing SOC 2 Type II audit. We're building to the standard from day one — audit readiness is not an add-on.
Compliance & Certifications
How We Protect Your Data
Your Keys, Your Control
Bring your own API keys (BYOK) for all AI providers. Your credentials never touch our servers — agents call provider APIs directly using your keys.
Zero-Knowledge Architecture
Workspace data is encrypted with keys derived from your account credentials. We can't read your memory, conversations, or file cabinet without your password.
Isolated Workspaces
Every workspace runs in its own isolated environment. No cross-workspace data leakage, no shared agent state between projects.
Automatic Data Retention Policies
Configure retention policies per workspace. Auto-delete logs, conversation history, and memory after a set period — or keep everything indefinitely.
Security FAQ
Do you train models on our data?
No. We do not train models on your workspace data, conversations, or memory. Your data stays in your workspace and is never used for model training or feature development.
Where is our data stored?
By default, data is stored in US-based AWS regions (us-east-1). Enterprise customers can request EU or APAC data residency.
Can we export our data?
Yes. You can export all workspace data (conversations, memory, file cabinet, audit logs) at any time via the dashboard or API.
What happens if we delete our account?
All workspace data, conversations, memory, and audit logs are permanently deleted within 30 days. We provide a final export opportunity before deletion.
Do you have a bug bounty program?
Not yet, but it's on our roadmap for Q3 2026. If you discover a security issue, please email security@getnodeweaver.com.
Can we get a security questionnaire filled out?
Yes. Enterprise customers receive a dedicated security contact and can request completed security questionnaires. Email enterprise@getnodeweaver.com.
Have security questions?
Our security team is here to answer technical questions, provide documentation, or walk through our architecture.