Security is the architecture.
Corax manages your most sensitive infrastructure. That responsibility demands security at every layer: cryptographic credential isolation, signed communications, approval gates for destructive actions, and AI that never sees your secrets.
The AI never sees your credentials
Most AI platforms pass your API keys and passwords directly into the AI context window. Corax treats its own AI engine as an untrusted component. The Credential Enclave ensures that secrets are resolved only at the execution boundary, after the AI has decided what action to take but before the action runs. The AI receives an opaque handle. The credential is decrypted, used, and zeroed from memory in a single operation. If the AI ever attempts to reference a credential value in its output, post-execution leak scanning catches and redacts it.
Six layers of defense in depth
Security controls at every layer of the platform, from credential storage to AI decision-making to network communication.
Credential Enclave
Your credentials never touch AI. Corax uses a cryptographic isolation architecture where the AI engine orchestrates actions through opaque credential handles. Secrets are decrypted only at the execution boundary, never logged, never cached, and automatically zeroed from memory after use.
- Opaque CredentialRef handles — AI sees a token, never the value
- Per-session in-memory vault with automatic memory zeroing
- Post-execution leak scanning on every tool result
- AES-256-GCM encryption at rest with per-tenant keys
- Every credential access logged to immutable audit trail
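The handle-at-plan-time, value-at-execution-time pattern described above, as an added example (not Corax's code): the AI layer only ever holds a `CredentialRef`, the vault hands the value to the tool at the execution boundary and zeroes its working copy, and a post-execution scan redacts any vaulted value that leaks into the tool result. The class and function names are assumptions, and at-rest encryption is left out.

```python
# Added illustration of the credential-handle pattern described above; the names
# (CredentialVault, CredentialRef, run_tool) are hypothetical, not Corax's API.
import secrets
from dataclasses import dataclass


@dataclass(frozen=True)
class CredentialRef:
    """Opaque handle: the only thing the AI planning layer ever sees."""
    handle: str


class CredentialVault:
    """Per-session in-memory vault. At-rest encryption (AES-256-GCM on the page) is
    out of scope here; values sit in bytearrays so a working copy can be zeroed."""

    def __init__(self) -> None:
        self._store: dict[str, bytearray] = {}
        self.audit: list[str] = []          # stands in for the immutable audit trail

    def put(self, name: str, secret: str) -> CredentialRef:
        handle = f"cred:{name}:{secrets.token_hex(8)}"
        self._store[handle] = bytearray(secret.encode())
        self.audit.append(f"stored {handle}")
        return CredentialRef(handle)

    def resolve_and_run(self, ref: CredentialRef, tool) -> str:
        """Execution boundary: copy the value out, use it, zero the copy, in one step.
        Python cannot zero the immutable str a tool derives from the buffer; a real
        enclave keeps the secret in mutable buffers end to end."""
        working = bytearray(self._store[ref.handle])
        self.audit.append(f"resolved {ref.handle}")
        try:
            return tool(working)
        finally:
            for i in range(len(working)):   # zero the working copy
                working[i] = 0

    def scan_result(self, text: str) -> str:
        """Post-execution leak scan: redact any vaulted value found in a tool result."""
        for handle, secret in self._store.items():
            value = secret.decode()
            if value and value in text:
                self.audit.append(f"leak redacted {handle}")
                text = text.replace(value, "[REDACTED]")
        return text


def run_tool(vault: CredentialVault, ref: CredentialRef) -> str:
    """Constructed misbehaving tool: it echoes the password into its own result."""
    def db_query(password: bytearray) -> str:
        return f"connected with {password.decode()}; 3 rows"
    return vault.scan_result(vault.resolve_and_run(ref, db_query))
```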
Destructive Action Approval Gates
Corax classifies every action by risk level before execution. Read-only operations run freely. Destructive operations like service restarts, config changes, and file modifications require explicit human approval with a 60-second auto-deny timeout.
- Dynamic risk classification across 40+ command patterns
- Human approval required for MEDIUM, HIGH, and CRITICAL actions
- 60-second auto-deny timeout — no silent escalation
- Per-organization command allowlists
- Full audit trail of every approval decision
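An added example (not Corax's code) of the gate described above: commands are classified by their riskiest segment, LOW actions run freely, and anything else fails closed when the human does not answer within the timeout. The pattern table is a constructed subset of the 40+ the page cites, unmatched commands are treated as MEDIUM by assumption, and the names `Risk`, `classify` and `gate` are hypothetical.

```python
# Added illustration of risk classification and the auto-deny approval gate described
# above; the pattern table is a constructed subset and the names are hypothetical.
import re
from enum import Enum


class Risk(Enum):
    LOW = 0
    MEDIUM = 1
    HIGH = 2
    CRITICAL = 3


AUTO_DENY_TIMEOUT = 60  # seconds, as stated on the page

# Constructed subset of command patterns: (regex, risk).
PATTERNS = [
    (re.compile(r"^(cat|ls|df|ps|journalctl|systemctl status)\b"), Risk.LOW),
    (re.compile(r"^systemctl (restart|stop|reload)\b"), Risk.MEDIUM),
    (re.compile(r"^(sed -i|tee|cp|mv) .*/etc/"), Risk.HIGH),
    (re.compile(r"^(rm -rf\b|mkfs|dd if=)"), Risk.CRITICAL),
]


def classify(cmd: str) -> Risk:
    """Classify a shell line by its riskiest segment; unmatched segments are MEDIUM."""
    worst = Risk.LOW
    segments = [s for s in re.split(r"\s*(?:\|\||&&|[;|&])\s*", cmd.strip()) if s]
    for seg in segments:
        matched = [risk for pat, risk in PATTERNS if pat.search(seg)]
        seg_risk = max(matched, key=lambda r: r.value) if matched else Risk.MEDIUM
        if seg_risk.value > worst.value:
            worst = seg_risk
    return worst


def gate(cmd: str, approver, now: float, timeout: float = AUTO_DENY_TIMEOUT) -> tuple[bool, str]:
    """Run LOW actions freely; everything else waits for a human.

    approver(cmd) returns (decision, decided_at): True/False, or None when nobody
    answered. Timing is injected so the gate can be exercised without sleeping.
    """
    risk = classify(cmd)
    if risk is Risk.LOW:
        return True, f"{risk.name}: auto-approved"
    decision, decided_at = approver(cmd)
    if decision is None or decided_at - now > timeout:
        return False, f"{risk.name}: auto-denied after {timeout}s"   # silence never escalates
    return decision, f"{risk.name}: human {'approved' if decision else 'denied'}"
```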
Multi-Tenant Data Isolation
Every query, every API call, every AI session is scoped to a single organization. Cross-tenant data access is architecturally impossible. Organization boundaries are enforced at the database layer, not just the application layer.
- Organization-scoped queries on every database operation
- Credential Enclave enforces per-tenant vault boundaries
- Agent tokens cryptographically bound to a single org
- Redis pub/sub channels namespaced per organization
- Platform admin impersonation fully audit-logged
Encrypted Communications
Every message between Corax components is signed and verified. Agent connections use WebSocket Secure with mutual TLS. Internal Redis messages are HMAC-SHA256 signed with replay protection to prevent message injection or tampering.
- HMAC-SHA256 signed Redis pub/sub with 30-second replay window
- Nonce deduplication prevents message replay attacks
- WSS with agent token rotation and 1-hour grace periods
- mTLS authentication for on-premises SIEM appliances
- All API traffic over TLS with HSTS enforcement
Authentication and Access Control
Enterprise-grade identity management with Auth0, role-based access control, and product-level feature gating. Enterprise customers get granular RBAC with per-resource permissions, SSO, and SCIM provisioning.
- Auth0 with custom domain (auth.coraxity.com)
- Role hierarchy: Viewer, Member, Admin, Owner
- Product-level feature gating across 16 modules
- Enterprise RBAC with per-resource, per-action permissions
- Portal authentication with scrypt password hashing
AI Safety Architecture
Corax AI operates under strict safety constraints. The Neural Engine uses a three-tier tool classification system. Read-only tools run freely, safe-write tools are logged, and destructive tools require approval gates. Every AI session has bounded iteration limits and cost controls.
- Three-tier tool classification: READ_ONLY, SAFE_WRITE, DESTRUCTIVE
- Maximum 25 iterations per AI session with cost circuit breakers
- Deferred tool loading — AI only accesses tools relevant to the task
- 5-agent AI quorum deliberation for critical decisions
- All AI actions logged with full reasoning chain
Offensive security with safety guardrails
VANGUARD runs vulnerability scanning and hardening on your infrastructure. Every change goes through a multi-stage safety pipeline designed to prevent disruption.
Four hardening modes
Organizations progress through OBSERVE (scan only), ADVISE (human approves all), GUARD (auto-apply low risk), and ENFORCE (auto within policy). You control the autonomy level.
Business service protection
Register critical services like 'QuickBooks on port 8019 needs TLS 1.0' and Corax will never propose changes that conflict. Business continuity comes first.
Pre-change snapshots
Before any hardening change, Corax captures a full snapshot: config files, firewall rules, service status, cron jobs, user accounts. Every change is reversible.
Canary monitoring and auto-rollback
After applying a change, Corax monitors for 30 minutes: port reachability, service health, cloud connectivity. If anything degrades, the snapshot is restored automatically.
Compliance and governance
Enterprise-grade audit controls, compliance automation, and governance tools for regulated industries.
Audit Logging
Immutable, SHA-256 hash-chained audit logs capture every significant action. Tamper detection built in. Configurable retention up to 7 years. Litigation hold support prevents deletion of held records.
Compliance Frameworks
Automated compliance scanning against CIS, NIST 800-53, SOC 2, HIPAA, PCI DSS, and ISO 27001. Continuous configuration auditing with remediation prioritization.
Vulnerability Management
The VANGUARD offensive security module runs continuous vulnerability scanning with 9,000+ Nuclei templates. Findings are risk-scored and prioritized. Hardening changes require snapshots with automatic rollback on failure.
Incident Response
AI-powered incident triage with autonomous remediation. Every healing action is reversible. Known error databases, escalation paths, and team routing ensure the right response for every incident class.
Platform hardening
Every HTTP response from Corax includes security headers enforced at the application layer. API endpoints are rate-limited and input-validated. All request bodies are parsed against strict schemas before processing.
Need data to stay on your network?
Enterprise customers can deploy Corax in hybrid or fully on-premises mode. AI processing runs locally via on-prem LLM engines. Telemetry, credentials, and incident data never leave your network. LLM governance policies control which AI providers are allowed and enforce data classification routing.
Questions about our security posture?
We are happy to walk through our architecture, answer vendor security questionnaires, or provide detailed technical documentation for your compliance team.