Security

SOC 2 (TYPE II)
NIST
GDPR

Stepwork serves business customers of all sizes, from startups to global multinationals, in regulated industries. Enterprise-grade Zero Trust security is built into every layer of the stack and throughout the development lifecycle.


Security you can trust every step of the way

We build security into everything we do because your trust is paramount. Every product, process, and system is designed with the protection of your data at its core.


Security Features

Locally stored

All your data stays on your own systems - either on your local machines or in your own cloud accounts. Nothing goes to third parties.

AWS Bedrock

AWS Bedrock provides secure API access to pre-trained AI models through your AWS account - no model training or data retention.

Hardened containers

We use hardened Docker containers to execute Stepwork automations locally. By enforcing non-root execution and limiting communication to local apps via a minimal Flask server, we significantly reduce the attack surface.

Service accounts supported

Stepwork supports using service accounts to take actions on your team's behalf. We mimic your existing security policies to reduce unnecessary vulnerabilities.

Every action logged

Every step is logged to ensure transparency and a paper trail. Because everything is timestamped, you can use these logs for audit purposes.

Safety nets for hallucinations

Since we build the flows, we have built in many mechanisms to account for potential hallucination risks, keeping the risk of running workflows as low as possible.

Hosting in your own cloud (coming soon)

You can run flows in your own clusters to support multiple teams running flows through Stepwork.

The EU General Data Protection Regulation

Stepwork fully complies with privacy and AI laws and regulations including the European Union General Data Protection Regulation (GDPR) and AI Act, as well as with other national and U.S. state laws such as the California Consumer Privacy Act (CCPA).

Data minimization - Only the minimum data required for Stepwork services is used.
Purpose limitation - Data access and use are limited to workflow automation only.
Integrity and confidentiality - Data is encrypted, and access is strictly limited.
Storage limitation - Data is not retained beyond what is required for services or by law.
Accountability - Stepwork provides strong customer guarantees in all of its agreements.