Security you don't need to think about
Every AI call, every piece of data processed, every execution operates within a governance, traceability and control layer designed for environments that require auditing and compliance.
E2E Encryption
Data protected with AES-256 encryption at rest and TLS 1.3 in transit. No data travels or is stored without protection.
Tenant Isolation
Each client operates in an exclusive tenant. Zero data, infrastructure or cache sharing between organizations.
Full Traceability
Every AI call, every action and every data transformation generates an immutable record with timestamp and user identification.
AI Governance
Control over which models each team can use. Prompt versioning, critical flow approval and sandbox for testing.
Security principles
Tenant Isolation
Each client operates in an isolated tenant on the OORT cloud. Zero data, database or cache sharing between organizations.
Full Traceability
Every AI call, every agent action, every data transformation generates an immutable record. Complete audit trail, exportable, with timestamps and user identification.
Granular Access Control
RBAC with permissions by platform, by flow, by data. SSO via SAML 2.0 and OIDC. Mandatory MFA for administrators. Sessions with configurable expiration.
FinOps and Cost Control
Every AI call has tracked and attributed cost. Limits by user, by team, by flow. Automatic alerts before budget overruns.
Model Governance
Control over which AI models each team can use. Prompt versioning, critical flow approval, sandbox for testing before production.
Incident Response
Response SLA defined in contract. Dedicated security team. Transparent communication in case of incidents. Recovery plan tested quarterly.
How we protect your data
Encryption at rest
AES-256 for all stored data. Customer-managed keys when needed (BYOK).
Encryption in transit
TLS 1.3 on all connections. Certificate pinning for service-to-service communication.
Data isolation
Each client operates in an isolated tenant. No infrastructure, database or cache sharing between organizations.
Configurable retention
Retention policies defined by the client. Automatic deletion after configured period. Right to be forgotten guaranteed.
Encrypted backups
Automatic backups with independent encryption. 30-day retention. Recovery tested monthly.
Anonymization
Sensitive data anonymized before feeding AI models. PII never reaches LLMs without prior treatment.
Infrastructure
The platform runs on OORT's own cloud, hosted on Azure, with access granted by tenancy.
Own cloud on Azure
All OORT infrastructure runs on Azure, managed by our team. Security, updates and monitoring under our control.
Isolated tenancy
Each client receives an exclusive tenant with complete data, processing and configuration isolation. Nothing is shared between organizations.
Controlled access
Access granted by tenant, with integrated authentication, granular permissions and session auditing.
Regulatory compliance
OORT was designed around the requirements of regulated industries: finance, healthcare, government and insurance. Each control exists to meet the demands of these environments.
Frequently asked questions
On OORT's own cloud, hosted on Azure. Each client operates in an isolated tenant, with complete data segregation. No data is shared between organizations.
No. Your data is never used to train third-party models. When we create models specific to your business, they operate exclusively within your tenant.
RBAC with granular permissions by platform, flow and data. Integration with your IdP via SAML 2.0 or OIDC. Mandatory MFA for administrators.
99.9% uptime guaranteed by contract. Infrastructure managed by OORT on Azure with 24/7 monitoring.
Send it to seguranca@oortlabs.com.br. We respond within 24 hours. We maintain a responsible disclosure program.