Security at Every Layer
Sentrul is built for governed AI operations with tenant isolation, plan-based audit retention, and contract-dependent compliance features such as HIPAA BAA support on higher tiers.
Data Encryption
AES-256 Encryption at Rest
All stored data including knowledge bases, execution logs, and credentials are encrypted with AES-256. Database storage uses Azure-managed encryption keys with automatic rotation.
TLS 1.3 in Transit
Every API call, webhook, and agent communication is encrypted with TLS 1.3. Certificate management is automated through Cloudflare origin certificates.
Azure Key Vault Integration
Secrets and API keys are stored through Azure Key Vault-backed flows. BYOK keys are not kept as plaintext in PostgreSQL and are managed separately from the application codebase.
Access Control
Human-in-the-Loop (HITL)
High-risk agent actions require explicit human approval before execution. Every HITL decision is logged with the approver identity, timestamp, and action context.
Role-Based Access Control
Three role tiers (Admin, Member, Viewer) control access to departments, agents, and administrative functions. Entitlements are enforced at both API and UI layers.
Service-to-Service Auth
Internal service calls use signed RPC authentication, replay windows, and tenant-scoped validation before requests reach orchestration or billing logic.
Compliance & Audit
Tamper-Proof Audit Logs
Every agent execution, approval, and system event is logged for auditability. Retention is plan-specific: none on Trial, 30 days on Starter, 90 on Essentials, 365 on Operations, and permanent on Enterprise.
Tenant Isolation
Each organization operates in a fully isolated tenant. Data, agents, and execution contexts cannot cross tenant boundaries. Row-level security is enforced at the database layer.
SOC 2 Readiness Controls
The platform exposes audit-ready controls, tenant isolation, and retention policies that support compliance programs. Public pages should treat these as readiness controls rather than blanket certification claims.
Ready to see our security in action?
Start a free trial with your own API keys. Your data stays encrypted, isolated, and under your control from day one.