Features
Compliance & Security
Built on AWS compliance-eligible infrastructure from day one. All AI runs through AWS Bedrock, with complete audit logging, encryption, and access controls built-in.
Why we only use AWS Bedrock
Compliance teams need to know exactly where data flows. By using AWS Bedrock exclusively, we ensure all AI inference happens in your cloud environment with full audit trails. No data is sent to third-party AI providers.
- Data never leaves your selected AWS region
- 40+ AI models available (Claude, Nova, Llama, Mistral)
- Pass security reviews in weeks, not months
All AI through Bedrock
When your agents process requests, all AI inference happens through AWS Bedrock in your selected region. No data leaves AWS.
Automatic logging
Every request is logged with full context via CloudTrail. All data encrypted with KMS at rest and TLS 1.3 in transit.
Audit and verify
Run automated infrastructure compliance tests covering HIPAA, SOC 2, GDPR, NIST, and ISO 27001 controls. Generate reports on demand.
Compliance Features
Everything you need for audits
Built-in tools for audit logging, encryption, access control, and tenant isolation.
AWS Bedrock Only
All AI inference runs through AWS Bedrock in your region. No data is sent to third-party AI providers. Your compliance team can verify exactly where data flows.
Complete Audit Logging
Every conversation, API call, and system action is logged with timestamps, user IDs, and full context via CloudTrail and application-level audit logs.
Multi-Tenant RBAC
Four-tier role hierarchy (Admin, OrgManager, TeamManager, User) with PostgreSQL row-level security enforcing tenant isolation at the database level.
Data Access Controls
Role-based access control scoped to organizations and teams. Restrict who can view, edit, or delete agents and knowledge bases.
Encryption Everywhere
AES-256 encryption at rest with AWS KMS, TLS 1.3 in transit. All data stores — Aurora, S3, OpenSearch — encrypted by default.
Data Retention Controls
Configure retention policies per data type. Automatic deletion when retention expires. Legal hold capabilities for compliance investigations.
Compliance Dashboard
Security controls built in
Audit logging, tenant isolation, access controls, and security monitoring built into the platform.
Login History
Track all user login attempts, successful and failed, with IP addresses and device info.
Tenant Isolation
PostgreSQL row-level security with per-request context. Every query scoped to the authenticated user's organization.
Security Alerts
Get notified of suspicious activity, failed logins, and potential security incidents.
Compliance Reports
Generate infrastructure audit reports covering security controls and compliance posture on demand.
Compliance Reports
See your compliance posture at a glance
Run automated infrastructure audit tests and view results across security control frameworks including HIPAA, SOC 2, GDPR, NIST 800-53, and ISO 27001.
Infrastructure Audit Tests
Last updated: Jan 28, 2026
Controls Passing Trend
12-month overview
Evidence Collection
85 of 102 items collected
Scheduled Test Runs
Infrastructure Controls
Built on AWS compliance-eligible infrastructure
Real security controls built into the platform, with automated audit tests you can run yourself.
VPC Isolation
All resources deployed in private subnets with no public internet exposure
KMS Encryption
Customer-managed AWS KMS keys for encryption at rest across all data stores
CloudTrail Audit Logging
Full API audit trail with tamper-proof logging to S3
Row-Level Security
PostgreSQL RLS enforces tenant isolation at the database level
Infrastructure Audit Tests
Automated compliance test suites covering HIPAA, SOC 2, GDPR, NIST, and ISO 27001 controls
AWS Compliance Eligibility
Built entirely on AWS services that are HIPAA-eligible and SOC 2 auditable
Ready to see it in action?
Schedule a demo with our team to see how Zentrr handles compliance for regulated industries.