NovekAI was built from the ground up by an experienced team with security, privacy, and compliance prioritized from day one.
"Security is not a feature, it's a foundation. Every line of code, every data interaction, every user session is built with security-first principles."
— NovekAI Security Team
NovekAI was developed following modern security principles, including the zero trust security model, strong authentication practices, the principle of least privilege, and the shift left approach to incorporating security into design, development, and operations.
All customer data is encrypted at rest with FIPS 140-2 validated crypto modules. All data in transit over public networks is transmitted encrypted using TLS 1.2+.
Customers' sensitive health information is maintained and secured in accordance with the Health Insurance Portability and Accountability Act of 1996.
Customers' personal information is maintained and secured in accordance with the EU's General Data Protection Regulation (GDPR).
All token access requires authentication via your enterprise's identity provider. Leverage your existing SSO setup.
Control what data NovekAI stores and indexes. Prevent select data from surfacing results for certain system terms.
NovekAI only shows you the information you already have permission to access. If a team permission changes, it reflects those changes immediately.
Privacy mode is enabled by default during onboarding. When active, we guarantee that code data is never stored in plaintext on our servers.
All your data is only in your own VPC. Complete isolation ensures the highest level of security for enterprise customers.
All data is encrypted at rest using AES-256. All data is encrypted in transit using TLS 1.2+. Controls are in place to audit all access.
