Security — Kumty

Data Sovereignty

Your data never leaves your walls.

Other AI tools send your project data to OpenAI, Anthropic, or Google. Your tasks. Your budgets. Your decisions. Your vendor names.

Kumty’s Data Anonymization Layer ensures zero project data reaches any external AI. Your prompts go out — anonymized and structurally faithful. Your data stays in.

It’s not a setting. It’s the architecture.

How the DAL works Talk to security

Defense in Depth

The 13-Layer Zero Trust Chain

Every request to the platform passes through thirteen independent security layers. No single failure exposes data. To breach the chain, an attacker would have to defeat all thirteen — at the same time.

Network isolation

No service talks to another without a verified identity.

Every internal request between platform services is mutually authenticated and encrypted. A compromised pod can't impersonate another. Lateral movement is blocked at the network layer before it ever reaches an application.

Session integrity

Sessions are bound to the device and IP that created them.

Stolen session cookies are useless somewhere else. Sessions live in a hardened store with strict cookie flags, IP binding, and idle expiry. A leaked token alone doesn't grant access.

Device authorization

Unrecognized devices are challenged before sign-in completes.

First-time devices go through additional verification. Admins can review and revoke any registered device in one click. A password leak isn't enough — the attacker also needs your hardware.

Identity verification

Every request carries a tamper-proof identity claim.

Tokens are short-lived, signed, and verified at the edge before any request reaches application code. Forgery is mathematically infeasible — and tokens that should have expired actually do.

Content security

Browsers are told exactly what they may load and run.

A strict content security policy blocks injected scripts, untrusted images, and unauthorized iframes. Even if an attacker found an XSS vector, the browser refuses to execute it.

Upload guard

Files are inspected before they ever touch storage.

MIME types are validated against actual file contents — not just the filename. Oversized payloads, executable disguises, and known-bad signatures are rejected at the boundary.

Input sanitization

Every user input is type-checked and screened for injection.

API inputs are validated against strict schemas. Free-text fields pass through prompt-injection screening before reaching any AI surface. Garbage in is rejected before it can become garbage out.

Rate limiting

Bursts and brute-force attempts are throttled per actor.

Limits apply per user, per action, per tier — independently. A misbehaving script can't drown out a legitimate user, and a credential-stuffing attempt can't outpace lockout.

Audit & risk scoring

Every meaningful action is logged with a risk score.

Sensitive actions are recorded with actor, target, and a computed risk score. Anomalies surface in real time. An attacker leaves a trail — and the system notices the trail.

Prompt injection protection

User text is classified before it ever reaches a model.

Inputs that try to override AI instructions are flagged and blocked. The model only ever sees content the platform trusts, so jailbreaks never get the chance to fire.

Tenant isolation

Three independent layers all enforce the same rule.

Every database query, every middleware check, and every audit record verifies tenancy. To breach another tenant, an attacker would need to defeat three independent layers simultaneously — a defense-in-depth approach with zero shared state.

Permission check

Role and permission are verified on every API route.

There is no "trusted internal endpoint." Every route checks the caller's permission against the action they're attempting. A valid token for one role can't act as another.

Feature visibility

Users only see what they're allowed to use.

Modules and features are gated per role and per user. UI elements don't render, API routes don't respond, and search results don't include things the caller has no business seeing.

Compliance Roadmap

Where we are. Where we’re going.

We’d rather be honest about our certification posture than oversell it. Here’s the truth — and what’s coming next.

GDPR

Shipped

Right to access, right to erasure, data portability, consent management, and breach notification — all built into the platform.

Available now

SOC 2 Type II

In Progress

Controls implemented and operating. Independent audit window in progress with a Big-4 affiliated assessor.

Audit window active

ISO 27001

In Progress

Information Security Management System established. Stage 1 readiness review scheduled.

Stage 1 prep

HIPAA

Planned

Technical safeguards in place. Business Associate Agreement program and risk assessment activate when our first healthcare customer signs.

On request

Architecture Principles

Three rules we never break.

PostgreSQL is the only source of truth

Every cache, every event, every search index is reconstructable from one authoritative store. There is no shadow database to drift, leak, or be forgotten.

Zero project data to external AI

Anonymization happens before any external model sees a token. Mappings are ephemeral. The LLM never learns a real name, vendor, budget, or date. Ever.

Tenant isolation in three independent layers

Database, middleware, and audit each enforce the same rule. To leak data across tenants, an attacker would have to defeat all three at once.

Doing diligence on Kumty?

We’ll send the SIG questionnaire, the architecture white paper, and a live walkthrough of how the Data Anonymization Layer works — under NDA. No marketing fluff.

Request a Security Assessment Email security team

Responsible disclosure: report vulnerabilities to security@kumty.com. We acknowledge within one business day.