BeakrGo to website
Docs/Security/Overview

Security built for sensitive research and regulated workflows.

Database-level tenant isolation, AES-256 encryption across every layer, and zero data retention with every model provider we use.

Beakr is built for teams handling sensitive research, proprietary data, and regulated workflows. Security is not bolted on — it is foundational, from database-level tenant isolation to encryption across every layer.Security is a first-class product principle. Customer data is never used for model training, controls are validated through third-party audits and cloud security partners including AWS, data is encrypted at rest with AES-256, and data in transit is secured with TLS 1.2+.

Last updated April 22, 2026security@thebeakr.com
SOC 2 Type II
HIPAA aligned
BAA available
AES-256 at rest
TLS 1.3 in transit
AWS us-east-1, multi-AZ

For our live trust center, compliance certifications, and questionnaire responses, visit thebeakr.trust.site. To request our SOC 2 Type II report under NDA, or to discuss a Business Associate Agreement, contact security@thebeakr.com.

Explore the docs

Compliance & HIPAA

SOC 2 Type II scope and a requirement-by-requirement mapping of the HIPAA Security Rule.

Encryption

AES-256 at rest, TLS 1.3 in transit, and how keys and secrets are managed.

Infrastructure & network

Multi-AZ VPC topology, WAF, threat detection, and security headers.

Data isolation & retention

Database-enforced Row Level Security, retention windows, and hard-delete guarantees.

AI & model security

Zero data retention with model providers and data-minimization for AI requests.

Access controls

RBAC, MFA, API key handling, and CSRF protection.

Why this page exists

Whether you're filling out a security questionnaire, scoping a pilot, or doing architecture due diligence on behalf of your team, this section gives you the technical detail you need — not marketing copy. Each page is kept in sync with our internal control set and audited annually.

Need a security questionnaire completed?Our Trust Center at thebeakr.trust.site hosts responses to SIG, CAIQ, and HECVAT, along with our SOC 2 Type II report (under NDA). For custom questionnaires, email security@thebeakr.com.

At a glance

AreaSummaryStatus
SOC 2 Type IIAudited annually by an independent compliance program. CC6, CC7, CC8, A1, C1, PI1.Certified
HIPAATechnical, Administrative, and Physical Safeguards implemented. BAAs available.Aligned
Encryption at restAES-256 across RDS, S3, ElastiCache, EBS, CloudWatch.Enforced
Encryption in transitTLS 1.3 on public endpoints; TLS 1.2 minimum internally.Enforced
Tenant isolationDatabase-enforced Row Level Security with fail-closed context.Enforced
AI data retentionZero retention with Anthropic, OpenAI, Google, and AWS Bedrock.Zero
Single-tenant deploymentDedicated database or full dedicated infrastructure available.Available

Responsible disclosure

If you discover a security vulnerability, please report it to security@thebeakr.com. We take all reports seriously and respond within 48 hours.