Security

Security at Savio

Savio is built for teams that handle sensitive codebases and proprietary systems. Security is foundational, not an afterthought.

Tenant isolation

Every organization's data — systems, sources, models, claims, and feedback — is logically isolated. Cross-tenant data access is architecturally prevented.

Audit logging

Sensitive actions are logged with actor, timestamp, and context. Source connections, sync triggers, system changes, and configuration updates are all auditable.

Credential security

Connector credentials are encrypted at rest using KMS-backed encryption. Secrets are never stored in plaintext or exposed in API responses.

Infrastructure

Savio runs on managed infrastructure with encrypted storage, network isolation, and automated patching. No customer data is used for model training.

Access controls

Role-based access controls scope what each team member can see and do. Enterprise plans include SAML SSO and fine-grained permission management.

Data boundaries

Savio only accesses the sources you explicitly connect. Data retention and deletion controls let you manage what Savio knows and for how long.

How Savio handles data

What data does Savio access?

Savio only accesses the sources you explicitly connect: GitHub repositories, Jira projects, Notion workspaces, Confluence spaces, and any web URLs you provide. It reads code, documentation, tickets, pull requests, and their metadata to build the system model.

How is data stored?

Source content is chunked, embedded, and stored in a PostgreSQL database with pgvector. All storage is encrypted at rest. System models, claims, and feedback are stored alongside the source data with full provenance tracking.

Is data used for training?

No. Customer data is never used to train or fine-tune any model. Savio uses third-party LLM providers for inference only, with no data retention agreements where available.

Can I delete my data?

Yes. You can disconnect sources, delete systems, and remove organization data. Retention policies and deletion controls are available to manage what Savio retains and for how long.

Enterprise security

For teams with advanced security and compliance requirements.

SAML SSO with major identity providers

Dedicated database isolation

Custom data residency options

Advanced role-based access controls

Audit log export and SIEM integration

BYO model provider support

VPC deployment options

Custom retention policies

Questions about security?

We're happy to walk through our security posture, answer compliance questions, or discuss enterprise deployment options.

Contact security team Enterprise options