security zero-trust envelope-encryption role-hierarchy audit-trails

How does bRRAIn keep AI memory secure across a whole company?

Envelope encryption with auth-derived keys, a 7-tier role hierarchy (Sovereign → Guest), policy engine with two inspection gates, sandboxed MCP servers, CVE-scanned code execution, and full audit trails. The Vault is read-only to everything except the Consolidator. Zero-trust by default — every zone assumes the next one is hostile.

Envelope encryption with auth-derived keys

bRRAIn encrypts every document and graph node in the bRRAIn Vault with a per-record data key, and each data key is wrapped by a master key derived from the user's authentication context. Nothing in the vault is readable without a valid auth chain. Keys rotate on a schedule and on demand. Even a full disk image of the vault yields ciphertext. The pattern is standard for well-run financial infrastructure; bRRAIn brings it to AI memory by default rather than as an add-on.

7-tier role hierarchy and two inspection gates

Access is gated by a 7-tier role hierarchy — Sovereign, Architect, Librarian, Operator, Contributor, Observer, Guest — enforced at every read and write by the Control Plane. The Security Policy Engine adds two inspection gates: one at request entry (is this user allowed to ask?) and one at response exit (does this response contain anything they're not cleared to see?). Policy runs as code, versioned and auditable. The LLM cannot accidentally return data the user isn't authorized for.

Sandboxed connectors and CVE-scanned code

Every external connector runs behind the MCP Gateway in an isolated sandbox. Code the system executes — for agents, for users, for ingestion pipelines — runs inside the Code Sandbox with CVE scanning, resource quotas, and quarantine on anomaly. A compromised third-party MCP server cannot reach the vault; a malicious code snippet cannot escape the sandbox. Zero-trust means every zone treats every other zone as potentially hostile, and the boundaries are enforced with real isolation primitives, not config flags.

Audit trails and vault write discipline

Every read, write, policy decision, and connector call is logged with actor, timestamp, and rationale. Auditors can replay any session. The bRRAIn Vault itself is strictly read-only to everything except the Consolidator — no agent, no user client, and no MCP server can write directly. That single discipline closes the most common attack path: a compromised client forging facts into the corporate memory. Combined, encryption, roles, sandboxing, and audit logs deliver the security posture enterprise AI memory actually needs.

Relevant bRRAIn products and services

  • bRRAIn Vault — envelope-encrypted, Consolidator-write-only canonical store.
  • Control Plane — 7-tier role hierarchy with full audit trails.
  • Security Policy Engine — two-gate inspection for every request and response.
  • MCP Gateway — sandboxed connectors to external tools and models.
  • Code Sandbox — CVE-scanned execution environment for agent and user code.
  • Security overview — full compliance and security posture reference.

bRRAIn Team

Contributor at bRRAIn. Writing about institutional AI, knowledge management, and the future of work.
