Platform

Safe AI & data protection

The safest way to point AI at your security evidence

The biggest objection to AI-assisted assurance is a reasonable one: "I am not sending my security policies and audit evidence to a large language model." CyConex is designed around that concern.

Evidence is screened and sanitised before it ever reaches a model, everything is processed in the United Kingdom, and every AI review is auditable with human sign-off. Safety is not a setting you switch on — it is how the platform works by default.

Sign up free

Early access · Free · No credit card required

CyConex evidence review trail showing screened and sanitised evidence sent for AI review

Prompt-injection screening before embedding

Uploaded and connected evidence can contain hidden instructions designed to manipulate an AI system. CyConex screens evidence for prompt-injection and jailbreak content before it is embedded or used in a review.

Where screening flags a problem, the ingest is blocked and logged, so you retain a record of what was rejected and why.

Sanitisation before content reaches the AI

Sensitive-data rules strip and redact content before it is sent to a model, so material that does not need to reach the AI never does.

This reduces exposure of sensitive information while still allowing agents to map evidence, surface gaps, and draft structured outputs.

UK data residency and encryption at rest

CyConex production services are hosted in UK Azure regions. Customer evidence, assessment outputs, and platform metadata are stored and processed within the United Kingdom.

Evidence and platform data are encrypted at rest, with organisation-level Transit KEK and HashiCorp Vault options for teams that require stronger key management guarantees.

Auditable AI with human sign-off

Every AI-assisted review is traceable. Agent activity, assessment reasoning, and human validation steps are retained so automated outputs can be challenged, reviewed, and defended.

AI usage and cost are visible, and qualified assessors retain sign-off on every conclusion — automation accelerates the work, it does not replace accountability.

What makes CyConex safe by default

  • Prompt-injection and jailbreak screening before embedding
  • Sensitive-data sanitisation before content reaches the AI
  • UK Azure hosting and UK data residency
  • Encryption at rest with Transit KEK / Vault options
  • Auditable AI usage with retained reasoning
  • Human sign-off on every conclusion

Adopt AI without losing control of your evidence

See how CyConex screens, sanitises, and audits AI-assisted assurance — request a demo or sign up free.

Sign up free

Early access · Free · No credit card required

Frequently asked questions

Is it safe to use AI on our security evidence?

Yes. CyConex screens evidence for prompt-injection and jailbreak content before embedding, applies sensitive-data rules to sanitise content before it reaches the model, and hosts everything in UK Azure regions with encryption at rest, including org Transit KEK / HashiCorp Vault options. AI usage is auditable and qualified assessors retain sign-off.

Where is CyConex hosted?

CyConex is hosted in UK Azure regions. Customer evidence, assessment outputs, and platform metadata are stored and processed within the United Kingdom, supporting organisations with UK data residency requirements.

Does CyConex replace human assessors?

No. AI agents accelerate evidence gathering and review, but accountability stays with qualified assessors. Reviewers validate scope, review IGP judgements, and approve every output that goes into a formal report, so conclusions remain defensible.