Security and compliance architecture
Cognify is built for regulated enterprises. Infrastructure decisions were made with security-first principles from day one.
Security controls
Encryption at rest and in transit
AES-256 at rest, TLS 1.3 in transit for all API and UI traffic.
Role-based access control
Fine-grained RBAC with organizational, workspace, and project-level permission scopes.
On-premises deployment
Run Cognify in your own VPC or on-premises. No training data leaves your perimeter.
Audit log immutability
Write-once append-only audit log. SHA-256 chained entries. No admin override.
SOC 2 program
SOC 2 Type II audit initiated. Controls documentation available under NDA for enterprise customers.
Data residency options
US, EU, and APAC hosted regions. Data never crosses region boundary without explicit customer config.
Deployment options
From fastest-to-start cloud to fully air-gapped on-premises — pick the deployment model that fits your security requirements.
Cloud (multi-tenant)
Fastest to start. Isolated per-organization data. SOC 2 controls. Data retained in region of choice.
Cloud (single-tenant VPC)
Dedicated compute and storage. Your Cognify instance, no shared infrastructure.
On-premises
Run entirely within your VPC or data center. Air-gapped deployment available. Training data never leaves your perimeter.