Logo
Login
Start Trial
Request Demo

SECURITY & TRUST

Your Data Stays Yours

Security isn't a feature at Knowi - it's the foundation. From architecture to AI, every layer is built to keep data in your environment, under your control.

SOC 2 Type II Certified AES-256 Encryption Private AI / No External LLMs On-Premises Available

Data Stays in Your Environment

Knowi queries your databases directly using native protocols. No data is copied into proprietary storage. Results are held in a configurable, temporary cache - then discarded.

Encrypted at Every Layer

AES-256 encryption for credentials and cached results at rest. TLS 1.2+ for all traffic in transit. Optional IP whitelisting, SSL/SSH tunneling, and private deployments.

Enterprise Governance

SSO via SAML & OpenID Connect, 2FA, LDAP, role-based access control, row-level security, multi-tenancy isolation, and full audit trails.

How Knowi Handles Your Data

Knowi generates a secure query, retrieves only the result, and stores it in a temporary cache. Your source data never moves.

Your Databases
MongoDB, ES, SQL, APIs
Knowi Query Engine
Native protocol, read-only
Temp Cache
Configurable, auto-expires
Dashboard / Embed
Browser or embedded app
Minimal Data Movement Only query results leave the source, never raw tables or exports
Your Security Model Knowi respects your database's existing auth, firewall, and encryption policies
No Long-Term Storage Cached results auto-expire. No sensitive data persisted beyond your configured window

Security Controls in Detail

Encryption & Connections

  • AES-256 encryption for credentials and cached results at rest
  • TLS 1.2+ for all traffic between browser and Knowi Cloud
  • IP whitelisting to restrict access by network
  • SSL/SSH tunneling for database connections behind firewalls
  • Private deployments - cloud VPC or fully on-premises

Authentication

  • Two-factor authentication (2FA)
  • LDAP integration for directory-based auth
  • SSO via SAML and OpenID Connect
  • Session management and automatic timeout policies

Access Controls

  • Role-based access control (RBAC)
  • Row-level security - users see only their authorized data
  • Multi-tenancy isolation - per-tenant data boundaries
  • User activity auditing and login tracking
  • Query history with rollback capabilities

Compliance & Governance

  • GDPR - data minimization, right to erasure support
  • HIPAA - BAA available, PHI never stored long-term
  • Suitable for finance, government, healthcare environments
  • Full audit trail of data access, queries, and user actions
Private AI

AI That Never Leaves Your Infrastructure

Knowi's Private LLM runs entirely inside your environment. Natural language queries, Document AI, and AI-powered insights — all processed on-premises or in your private cloud. No data is ever sent to OpenAI, Google, or any external AI service.

On-premises LLM — runs inside your firewall on your hardware
Natural language queries on unmodeled NoSQL, SQL, and API data
Document AI — query PDFs, Word files, and unstructured docs privately
Zero external API calls — no data sent to third-party LLM providers
HIPAA & GDPR compatible — meets strictest data residency requirements
Your Infrastructure
Knowi Private LLM
Your Databases
Document AI Engine
External Services
OpenAI / ChatGPT
Google Gemini
Any External LLM

Platform Compliance

Knowi maintains comprehensive IT controls regularly audited by independent firms. Our control procedures have been verified in a SOC 2 Type II report prepared in accordance with AICPA attestation standards and ISAE international standards.

Knowi's SOC 2 report is available upon request. Contact [email protected]

Vulnerability Reporting

Report

Email [email protected] with product info, vulnerability type, reproduction steps, and screenshots.

Evaluate

You'll receive a response within one business day. All reports remain confidential and are shared only with the team needed to fix the issue.

Resolve

After evaluation, a fix is developed and deployed. Security notifications are sent to customers via product update emails.

Testing Guidelines

Vulnerability scans and bug hunting should be performed on the staging environment: staging.knowi.com

For questions about this policy, contact [email protected]. Knowi reserves the right to update this policy at any time.

Unify. Analyze. Act.

AI-powered analytics across every data source. No warehouse required.

Start Free Trial Request a Demo