Modly

Security & Trust

Trust is the missing layer in AI

Modly respects each person's permissions, cites its sources, and logs every query — with the same governance for every customer.

Security features

Built with trust as the starting point

Permission-aware retrieval

Stale, missing or expired provider access is treated as zero access.

Cited sources

Every answer links back to the exact document it drew from.

Full audit logs

Every query and answer is recorded and reviewable.

Org-level model policy

Control which models are allowed and default across the organization.

MFA & access controls

TOTP MFA and password management backed by Cognito.

Organization isolation

Each organization's data stays completely isolated from every other.

How we handle your data

Your knowledge stays yours

  1. 1

    Least-privilege by default

    Retrieval only ever reaches sources the asker is already allowed to see. Access is resolved from your providers, not assumed — and re-checked as it changes.

  2. 2

    Not used to train models

    Your content is indexed to answer your team's questions — it isn't used to train shared models, and it never leaves your organization's boundary.

  3. 3

    You choose the model

    Route through OpenAI, Google, Anthropic or a self-hosted model, and set the allowed models per organization. Sensitive workloads can stay on infrastructure you control.

Controls & compliance

Built for teams that answer to auditors

Authentication, access controls and a complete activity trail — the same for every customer, with no governance features locked behind a higher tier.

Authentication & MFA

SSO and TOTP multi-factor authentication, with password and session controls.

Complete audit trail

Every query, answer and configuration change is recorded and reviewable.

SOC 2 Type II

On our security roadmap as we move toward general availability.

See Modly on your own knowledge

Request a demo, or join the waitlist for early access.