Product Overview

Request a Demo

Security at a Glance

Carys is designed so teams can run AI-powered analysis with strong controls, clear boundaries, and confidence in how data is handled.

Security in Carys is not a single feature. It is a set of safeguards applied across the full workflow, from execution boundaries to access control and full traceability.

This high-level view is based on the Carys Agent Safety documentation and focuses on what matters most for business teams evaluating trust and risk.

Platform Protection at a Glance

Web Traffic Protection

Incoming traffic is filtered before it reaches core services using web application firewall controls and rate limiting.

Encryption in Transit

Connections are encrypted in transit, including external access and internal service communication.

Encryption at Rest

Stored data is encrypted at rest across key platform services, including databases and file storage.

Private Service Boundaries

Core compute and data services run in private network segments rather than being directly exposed to the public internet.

Controlled File Access

Sensitive files are accessed through time-limited signed links, not open public URLs.

Secure Secrets Handling

Credentials and keys are managed through dedicated secret controls, not embedded directly in application code.

Four Security Pillars

Isolated Analysis Environments

Analytical work runs in isolated environments separated from production systems, reducing risk and containing failures.

Guardrails and Limits

Built-in limits and circuit breakers keep execution predictable by preventing unbounded retries and excessive resource use.

Access Control and Data Separation

Access is governed by organisation and permissions, so users can only work with data they are authorised to use.

Observability and Auditability

Every analysis generates a trace of what happened, including quality checks, timing, and status updates, so teams can review and verify outcomes.

What This Means in Practice

Lower Operational Risk

Controlled execution boundaries reduce the chance that one run can impact other users or core systems.

Better Governance

Clear access boundaries and full traceability support internal governance, review, and accountability.

Higher Confidence in Results

Security and quality controls work together, so outputs are not only useful but also easier to trust.