Security built by security people, for security people
Cyberbase was built by the same engineers who sit on the other side of vendor security reviews. The controls we'd ask of our vendors: encryption, certifications, isolation, transparency are the controls we hold ourselves to.
Exceeding Industry Standards
ISO42001
Coming soon
SOC2 Type 2
GDPR
Encrypted in transit and at rest (Data encrypted at rest with AES 256 and in transit with TLS 1.3)
CCPA
No training onuser data
We prioritize transparency about the security of our LLM models
Scalable, enterprise security
Dedicated security team
Our dedicated security team ensures our products and infrastructure are developed and operated with security at their core.
Independent assessments
We’ve partnered with industry leaders NCC Group and BishopFox to rigorously test our web and network defenses.
Security advisory board
Leading security and privacy experts from top financial institutions and cloud providers help shape our programs.
Contractual security guarantee
Cyberbase’s detailed Security Addendum firmly establishes our dedication to safeguarding your data and content.
Data residency controls
We implement strict data residency measures.
Frequentlyasked questions
Does Cyberbase train on your data?
No. We don't train models on customer data. Your policies, questionnaire responses, and security documentation stay yours. We use the data to run the service you asked us to run, and that's it.
Does Cyberbase provide indemnification?
Yes, for IP claims tied to our service. Enterprise contracts include broader indemnification language. Talk to our sales team if you want to see the specifics.
Can Cyberbase AI provide a single-tenant architecture for my organization?
Yes. If you need strict data isolation, we offer single-tenant deployments on dedicated infrastructure as part of our Enterprise plan. That means your data, your environment, no shared anything.
Is Cyberbase SOC 2 Type 2 compliant?
Yes. Our SOC 2 Type 2 report covers the security, availability, and confidentiality criteria, and we're audited annually by an independent third party. You can request the full report through our Trust Center. https://www.cyberbase.ai/product/trust-portal
How does Cyberbase AI protect data?
Data is encrypted at rest with AES-256 and in transit with TLS 1.3. Access is tight, monitoring is continuous, and audits are routine. The whole stack runs on SOC 2 compliant cloud providers with geographic redundancy built in.
What models does Cyberbase AI use, and who sees the data?
We use Anthropic's ISO 42001-certified models under their Commercial Terms of Service. Those terms prohibit training on customer data and govern how it's stored and deleted.
How many subprocessors does Cyberbase AI have?
Three: AWS, Google, and Anthropic. Keeping the list short is a deliberate choice to limit third-party risk. If we ever change it, you'll hear from us in advance, as our Data Protection Addendum requires.
How can I report an issue?
If you would like to report an issue, contact us at security@cyberbase.ai.
