Tenant-scoped memory
Every memory and cache entry carries tenant_id and namespace. Requests can also use X-Zepto-Tenant-Id, with conflict rejection when JSON and header disagree.
Tenant-scoped memory
Every memory and cache entry carries tenant_id and namespace. Requests can also use X-Zepto-Tenant-Id, with conflict rejection when JSON and header disagree.
No provider calls
ZeptoDB does not call embedding providers or LLM providers from the server. Applications control prompts, models, provider credentials, and embeddings.
Encryption
TLS 1.3 on every endpoint, including cluster RPC. Optional mTLS for service-to-service auth. Data encrypted at rest through deployment storage controls.
Authentication and RBAC
JWT / OIDC, API keys with rotation, mTLS client certificates, and RBAC with built-in admin, writer, reader, analyst, and monitor roles.
Agent Memory stores operationally sensitive context: summaries, retrieved facts, prompt cache entries, embeddings, replay metadata, and operational stats. The model keeps those boundaries explicit:
In cluster mode, Agent Memory supports routed writes, point reads, fan-out search/context, semantic-cache fan-out, replica WAL durability policy, cluster-scoped stats, and owner-failover reporting. Shard migration dual-write/catch-up remains future work.
ZeptoDB exposes evidence primitives that can support security and compliance reviews across agentic operations, finance, industrial, automotive, and utilities:
| Standard | Relevance | Status |
|---|---|---|
| SOC2 Type II | Audit logging, RBAC, encryption, change evidence | Evidence surface |
| MiFID II | Trade audit trail, access controls, decision replay | Evidence surface |
| GDPR | Namespace isolation, deletion support, tenant scoping | Evidence surface |
| PCI DSS | TLS 1.3, access controls, audit logging | Evidence surface |
| IEC 62443 | Industrial control systems authN/authZ and audit | Evidence surface |
| ISO / SAE 21434 | Automotive cybersecurity and replayable data handling | Evidence surface |
| NERC CIP | Electric utility operational monitoring | Evidence surface |
Regulated deployments should review SSO, audit export, namespace isolation, and deployment controls against their own operating requirements.
Found a security issue? Please report it responsibly:
We aim to acknowledge reports within 48 hours and provide a fix timeline within 5 business days.
For detailed configuration, see the Security Operations Guide and SSO Integration Guide.
| Area | Current review stance |
|---|---|
| Agent Memory | Tenant and namespace scoping, TTL/capacity controls, and replayable deletion tombstones should be tested against your application policy. |
| Prompt cache | Applications own prompt content, model calls, provider credentials, and cache reuse policy. |
| SSO / OIDC | Validate identity-provider configuration, token lifetime, role mapping, and audit logging before production use. |
| Multi-node operation | Validate routing, failover, metrics, rollback, and recovery behavior in a controlled environment. |
| Physical AI supervisor paths | Treat as shadow-only advisory surfaces unless a separate operator-controlled promotion gate approves a narrower runtime scope. |
Use GitHub Discussions for deployment and security questions.