High-level security guidance for teams deploying CortexDB in controlled environments.

Enterprise Security

Security for CortexDB should be planned the same way you plan security for other stateful application infrastructure: around identity, network boundaries, storage controls, auditing, and operational responsibility.

This page focuses on those deployment considerations at a public, high level.

Authentication and access

Applications typically authenticate to CortexDB using bearer credentials.

curl https://your-cortexdb/v1/recall \
  -H "Authorization: Bearer your-api-key"

For production use, teams should define:

  • how application credentials are issued and rotated
  • which services and operators are allowed to access CortexDB
  • how tenant, workspace, or environment boundaries are enforced in application use

Encryption and transport protection

Self-hosted deployments should follow your organization’s standards for:

  • encrypting sensitive data according to policy
  • protecting secrets and service credentials
  • terminating TLS or applying network-layer encryption
  • restricting access to trusted networks and workloads

Tenant governance

Many teams use CortexDB in multi-tenant or multi-workspace environments.

In those cases, security planning should include:

  • clear tenant scoping in applications and integrations
  • environment separation for development, staging, and production
  • least-privilege access for services that read or write memory
  • review paths for retention, deletion, and data handling requirements

Auditability

Production deployments should make memory operations observable and reviewable.

That usually means capturing:

  • who or what system accessed the service
  • what action was performed
  • which tenant or workspace was affected
  • whether the operation succeeded or failed

See Audit Trail for the broader governance view.
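
An added example, not CortexDB's own code: an application-side wrapper that emits one audit record per call with the four fields listed above, enforces tenant scope before a request is sent, and logs a credential fingerprint instead of the bearer key. The class, record field names, transport callable, and sample values are assumptions constructed for illustration.

```python
import hashlib
import json
import time

def key_id(api_key):
    """Non-reversible identifier for a credential, safe to write to logs."""
    return hashlib.sha256(api_key.encode()).hexdigest()[:12]

class AuditedClient:
    """Wraps a transport so every call emits one audit record (hypothetical names)."""
    def __init__(self, api_key, actor, allowed_tenants, transport, sink):
        self._api_key = api_key        # never written to the audit sink
        self.actor = actor             # who or what system is calling
        self.allowed_tenants = frozenset(allowed_tenants)
        self.transport = transport     # callable(action, tenant, payload, headers) -> HTTP status
        self.sink = sink               # callable(str) receiving one JSON line per call

    def _emit(self, record, outcome, **extra):
        record.update(outcome=outcome, **extra)
        self.sink(json.dumps(record, sort_keys=True))

    def call(self, action, tenant, payload):
        record = {"ts": int(time.time()), "actor": self.actor,
                  "key_id": key_id(self._api_key), "action": action, "tenant": tenant}
        # Enforce tenant scope in the application before anything leaves the process.
        if tenant not in self.allowed_tenants:
            self._emit(record, "denied", reason="tenant_out_of_scope")
            raise PermissionError(f"{self.actor} is not scoped to tenant {tenant!r}")
        headers = {"Authorization": f"Bearer {self._api_key}"}
        try:
            status = self.transport(action, tenant, payload, headers)
        except Exception as exc:       # transport errors are audited, then re-raised
            self._emit(record, "failure", reason=type(exc).__name__)
            raise
        self._emit(record, "success" if 200 <= status < 300 else "failure", status=status)
        return status

def demo():
    """Run against a constructed in-memory transport; returns the parsed audit records."""
    lines = []
    def fake_transport(action, tenant, payload, headers):  # constructed stand-in, no network
        return payload.get("status", 200)
    client = AuditedClient("constructed-test-key", "billing-svc", {"tenant-a"},
                           fake_transport, lines.append)
    client.call("recall", "tenant-a", {"status": 200})
    client.call("recall", "tenant-a", {"status": 503})
    try:
        client.call("recall", "tenant-b", {})
    except PermissionError:
        pass
    return [json.loads(line) for line in lines]
```

In a real deployment the transport would send the HTTPS request and the sink would write to your log pipeline.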

Compliance planning

If you are operating in a regulated environment, CortexDB should be deployed as part of your broader compliance program rather than as a standalone exception.

Typical topics to review include:

  • data residency requirements
  • retention and deletion policies
  • incident response and audit evidence
  • vendor and provider controls when external AI services are used

Shared responsibility

Security posture depends on the deployment model.

  • In managed environments, focus on application identity, access, and usage policy.
  • In self-hosted environments, also plan for networking, secrets, storage, monitoring, backups, and operator procedures.
