Skip to content
menezis.ai
Documentation

Security

Four-layer security architecture with post-quantum cryptography. Protected against threats that don't exist yet.

Post-Quantum Ready

Menezis implements ML-KEM-768 (formerly CRYSTALS-Kyber), the NIST FIPS 203 standardized algorithm for quantum-resistant key encapsulation.

When quantum computers become capable of breaking RSA and ECC, your data encrypted today will still be safe.

Four-Layer Security Stack

Layer 1

mTLS

Mutual TLS authentication between all services. Certificate-based identity verification.

Layer 2

JWT

JSON Web Tokens for session management. Short-lived tokens with automatic refresh.

Layer 3

ML-KEM-768

Post-quantum key encapsulation. NIST FIPS 203 standardized. Protected against quantum attacks.

Layer 4

AES-256-GCM

Authenticated encryption for data at rest and in transit. Military-grade symmetric encryption.

Infrastructure Security

Isolated Workloads

Each deployment runs in isolated containers with dedicated network namespaces. No shared resources between tenants.

Autonomous Monitoring

Operation Argus monitors all infrastructure every 15 seconds. Automatic threat detection and response.

Secrets Management

Environment variables encrypted at rest. Secrets never logged or exposed in stackfiles.

Zero Trust Network

All internal communication authenticated. No implicit trust between services.

Data Residency

Choose where your data lives. Available regions:

EU
Germany
US
East & West Coast
SG
Singapore

Infrastructure providers: Hetzner. Coming soon: Scaleway, and more.

Compliance

GDPR
EU General Data Protection Regulation
SOC 2 Type II
In progress - Expected Q2 2025
ISO 27001
In progress - Expected Q2 2025

Report a Vulnerability

Found a security issue? We appreciate responsible disclosure.

security@menezis.ai