For AI agents: a documentation index is available at the root level at /llms.txt and /llms-full.txt. Append /llms.txt to any URL for a page-level index, or .md for the markdown version of any page.
PlaygroundDiscordStatusDashboardSign Up >
DocumentationSDK ReferenceGraphiti
DocumentationSDK ReferenceGraphiti
      • Overview
      • Role-Based Access Control
      • Audit Logging
      • API Logging
      • HIPAA compliance
      • Bring Your Own Key (BYOK)
      • Bring Your Own LLM (BYOM)
LogoLogo
PlaygroundDiscordStatusDashboardSign Up >
On this page
  • Access control & monitoring
  • Compliance & data governance
  • Deployment models
Security & Compliance

Security & Compliance

Enterprise-grade security, compliance, and data governance capabilities

Was this page helpful?
Previous

Role-Based Access Control

Next
Built with

Zep provides comprehensive security controls and compliance capabilities designed for enterprises handling sensitive data. From granular access controls to customer-managed encryption keys, Zep enables you to meet your organization’s security and regulatory requirements.

SOC 2 Type II Certified — Zep maintains SOC 2 Type II certification. View our real-time compliance status at trust.getzep.com. Compliance reports and supporting documentation are available to Enterprise subscribers.

In Zep, governance lives in the substrate, not bolted on. Authorization, retention, and audit apply across every Context Graph, every query, and every layer of the Context Lake — so policy holds as you scale to thousands of agents, users, and context sources.

Access control & monitoring

Control who can access your data and track all activity across your organization.

Role-Based Access Control

Granular permissions with account-level and project-level scopes. Assign predefined roles to grant the right level of access to each teammate.

Audit Logging

Track all dashboard member actions including logins, member management, API key changes, and data operations.

API Logging

Monitor all SDK and API requests with details on method, endpoint, status, and latency.

Compliance & data governance

Meet regulatory requirements and maintain control over your data and AI infrastructure.

HIPAA Compliance

Guidelines for building healthcare applications that handle protected health information. Business Associate Agreements available for Enterprise customers.

Bring Your Own Key (BYOK)

Encrypt data at rest using your own AWS KMS Customer Master Key. Maintain full control over encryption keys, including revocation.

Bring Your Own LLM (BYOM)

Use your own LLM provider credentials with OpenAI, Anthropic, Google, AWS Bedrock, or Azure. Apply your negotiated pricing and compliance commitments.

Deployment models

The trust boundary moves with your deployment. Choose where compute, data, and keys live.

Cloud

Zep’s managed service. SOC 2 Type II certified, with HIPAA Business Associate Agreements available for Enterprise customers.

Cloud + Your Own Keys (BYOK)

Zep’s managed service with encryption keys you control in your own AWS KMS account, including the ability to revoke access.

Bring Your Own Cloud (BYOC)

Zep deployed inside your own VPC for a full network and compliance boundary. Contact the Zep Enterprise team.