Security & Trust
Our commitment to safeguarding your application and telemetry data.
1. Multi-Tenant Data Isolation
All data in Cohort AI is logically separated. The system runs multi-tenant middleware that validates every request header. Downstream queries require an explicit project key check, ensuring no client or SDK can ever view another tenant's configuration or analytics.
2. High Encryption Standards
We enforce secure encryption configurations:
- Data in Transit: TLS 1.3 encryption prevents snooping or alteration of client traffic.
- Data at Rest: Cloudflare D1 storage volumes are fully encrypted with AES-256.
- Credentials & Secrets: API keys, Gemini credentials, and other keys are protected as Worker-injected environment secrets and are never exposed in logs or source control.
3. Immutable Logs & Audit Trails
All critical business modifications (such as changing Multi-Armed Bandit configurations or editing localized copy variants) write to immutable database audit tables. This guarantees history cannot be modified by dashboard users or external agents.
4. Vulnerability Disclosure Program
If you identify a security issue, please contact us at security@cohort.ai. We guarantee a prompt response within 48 hours.