Platform
Security
Current security controls, responsibilities, and compliance status.
Vokra separates application data by workspace and checks workspace membership and role on protected operations. Integration and model secrets are encrypted before database storage, and normal API responses do not return the stored secret value. Production traffic is served over HTTPS by the hosting platforms.
Vokra is not currently SOC 2 certified and does not currently claim GDPR compliance. Do not rely on Vokra for a regulatory or contractual requirement without completing your own review and obtaining written confirmation.
You are responsible for the data sent to model and integration providers, the permissions granted to external credentials, and whether those providers meet your requirements. Use least-privilege credentials and avoid sensitive production data during evaluation.
To report a security concern, use the contact method listed on vokra.ai.