Security

Boring, predictable security for AI agents.

Rails Agent is built by a small team of long-time Rubyists. We treat security like a Rails migration — reversible, versioned, and reviewable.

Where your data lives

Every workspace maps to an isolated Postgres schema and a dedicated Vercel project inside our infrastructure. Your agent code lives in your GitHub repo — we only cache builds.

Secrets & API keys

  • Model provider keys encrypted with AES-256-GCM at rest
  • Per-environment scoping (development, staging, production)
  • Optional bring-your-own-KMS for Business plan
  • Rotated with a single `rails agent:rotate_key` command

Traces & PII

Traces are stored for 30 days by default. You can redact fields with the `pii:` DSL or disable persistence entirely. Extended retention is available on Enterprise plans.

Compliance

  • SOC 2 Type II — in progress (target Q2 2026)
  • GDPR-compliant data processing addendum available
  • HIPAA BAA on Business plan
  • Public status page & post-mortems