Success stories

Enterprise-grade privacy and security

Cutover takes data privacy and security  seriously, implementing multiple layers of protection for all customer data processed by our AI systems.

Our security approach

Secure infrastructure
Our AI processing service runs within a secure AWS environment, separate from our core services to ensure proper isolation.
Data encryption
All data is encrypted in transit using TLS with AWS KMS envelope encryption, protecting customer information at all times.
Zero data retention
No customer data is stored when using the AI service. We process data ephemerally without persistent storage.

Data processing & isolation

How We Process Your Data

  • AI processing takes place in AWS regions in the US (N. Virginia / Oregon) and the EU (Frankfurt / Zurich).
  • Customer data remains stored within your environment's database and is never stored outside your Cutover instance.
  • Data is processed ephemerally by AWS Lambda functions and AWS Bedrock, with strict isolation between invocations.
  • All model inference occurs within AWS infrastructure and stays within your selected AWS region.
THE PROBLEMS WE SOLVE

AI Foundation Models

Primary Model
We primarily use Anthropic's Claude Sonnet 3.5 v1 model in production environments.

Hosted via AWS Bedrock
Additional Models
For certain use cases, we leverage AWS models such as Titan and Nova, also accessed via AWS Bedrock.

Same secure infrastructure
No Model Training with Your Data
We do not fine-tune underlying foundation models with customer data. Instead, we use out-of-the-box models combined with techniques like multiple-shot prompting and RAG (Retrieval Augmented Generation) to achieve excellent results without requiring customer data for training.
THE PROBLEMS WE SOLVE

AWS Security Measures

AWS Bedrock Security

• Data encrypted in transit using TLS with AWS KMS

• No storage or retention of prompts or responses

• Inputs and outputs not used to train AWS or third-party models

• All model inference occurs within AWS infrastructure
AWS KMS Encryption
AWS Key Management Service (KMS) uses envelope encryption to efficiently and securely protect data:
• Data is encrypted using a unique data encryption key (DEK)

• The DEK is encrypted with a customer master key (CMK) stored in KMS

• Encrypted DEK is stored alongside the encrypted data

• AWS services quickly decrypt the DEK using KMS when needed

Ready to learn more

Contact our team to discuss how Cutover's secure AI capabilities can transform your technology operations.
Book a demo