Core principles
Three commitments we make to every customer
We never train on your data
Your data powers insights for your team — nothing else. Never shared across customers. Never used to train or fine-tune any model.
Enterprise-grade access controls
Fine-grained RBAC and row-level security ensure every user sees only the data they’re authorized for. SSO, SAML, and knowledge governance built in.
Complete auditability
Every action logged. Every query traceable. Access logs, query history, and full data lineage available on demand for compliance and internal audit.
Defense in depth
Every layer, locked down
From network edge to application layer, every component is hardened, monitored, and auditable.
Access control
RBAC, RLS & zero-trust
Role-based access control and row-level security ensure users see only what they're authorized to see. Every request is authenticated regardless of network location.
SSO / SAML
Native SAML 2.0 support. Works with Okta, Azure AD, Google Workspace, and more — no friction with your existing identity stack.
Encryption & keys
End-to-end encryption
TLS 1.2+ in transit, AES-256 at rest, with automatic key rotation under formal key management policies.
BYOK & BYOM
Bring your own encryption keys and your own models. Sapien adapts to your security posture — not the other way around.
Monitoring & compliance
24/7 threat monitoring
Continuous automated threat detection across every system boundary. Anomalies surface to our security team in real time — not after the fact.
Enterprise agreements
Enterprise contracts with all cloud and LLM providers, plus DPAs, BAAs, and custom security addenda. Our legal team works directly with yours.
Independently audited

SOC 2 Type II

SOC 3 Type II