Skip to main content
Cortex logoCortex

Security

Last Updated: November 27, 2025

Security Overview

Security is foundational to Cortex Memory. We implement multiple layers of protection to ensure your AI agent data remains secure and isolated.

Infrastructure Security

Cortex Memory is built on Convex, which provides:

  • Strong consistency guarantees with ACID transactions
  • Encryption at rest and in transit (TLS 1.3)
  • SOC 2 Type II compliance
  • Regular security audits and penetration testing
  • Automatic backups with point-in-time recovery
  • DDoS protection and rate limiting

Data Isolation

Memory spaces provide strict data isolation:

  • Each memory space is completely isolated from others
  • No cross-tenant data access is possible
  • User data is segregated at the database level
  • API calls are authenticated and authorized per-space
  • Audit logs track all data access

Authentication & Authorization

We recommend the following security practices:

  • Store API keys and secrets in environment variables
  • Use role-based access control for team members
  • Rotate credentials regularly
  • Enable two-factor authentication where available
  • Review access logs periodically

Data Protection

  • All data is encrypted at rest using AES-256
  • All API communications use TLS 1.3
  • Sensitive data is never logged
  • Regular vulnerability scanning of dependencies
  • Security patches applied within 24 hours of disclosure

Open Source Security

As an open-source project:

  • All code is publicly auditable on GitHub
  • Dependencies are regularly updated and audited
  • Security-focused code reviews for all contributions
  • Automated security scanning via GitHub Dependabot
  • Community contributions improve security posture

Responsible Disclosure

We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly:

  1. Email us at security@cortexmemory.dev
  2. Include a detailed description of the vulnerability
  3. Provide steps to reproduce the issue
  4. Allow us 90 days to address the issue before public disclosure
  5. Do not access or modify data belonging to others

We are committed to working with security researchers and will acknowledge your contribution in our security advisories.

Security Updates

Stay informed about security updates:

  • Check our GitHub Security Advisories
  • Watch the repository for security-related releases
  • Subscribe to our changelog for security patches

Compliance

Cortex Memory is designed with compliance in mind:

  • GDPR-compliant data handling with cascade deletion
  • Data residency options (via Convex regions)
  • Audit logs for compliance requirements
  • Data export capabilities for portability

Contact

For security-related inquiries:

Email: security@cortexmemory.dev
GitHub: github.com/SaintNick1214/Project-Cortex/security

Cortex Memory logoCortex
ProductCore FeaturesArchitectureHive ModeUse CasesIntegrations
DevelopersDocumentationLatest PostsExamplesChangelog
Community GitHub Twitter / XDiscussionsIssues
Powered by Convex →
  • Real-time Sync
  • Type-safe Database
  • Serverless Functions
© 2025 Cortex MemoryBuilt on ConvexPrivacyTermsSecurity