Korbit AI Trust Center

We take security seriously, protecting your data and IP every step of the way.

SOC-2 Compliance

Korbit has met the requirements for SOC-2 compliance and is currently in the Observation Period.

You can view our compliance status here.

Zero day retention

Korbit AI leverages advanced language models to generate insightful code reviews by analyzing code diffs alongside context about the project. All data transmitted to the models is protected with TLS encryption to ensure security. Importantly, your code remains confidential and is never used for model training. We have 0 day retention policy contracts with both OpenAI and Anthropic to ensure your data is safe and secure.

Secure data flow

When a review is triggered, Korbit retrieves the relevant files and context from your pull request, including the tuning you’ve made through feedback provided to Korbit. It securely scans the diff using our proprietary issue detection chain and trusted LLM providers, such as OpenAI and Anthropic. Once the review is complete, our comments are posted directly to your Git provider through secure APIs and all code required to complete the review is cleared ensuring that your intellectual property remains safe and secure at all times. We collect message data (excluding your code) to enhance the quality of our responses.

Ownership

With Korbit AI, you retain full ownership of all code and suggestions provided during the review process. Your code is always yours, and any suggestions generated by Korbit are offered solely to help you write better, cleaner code, faster, and with fewer bugs. Korbit’s role is purely advisory, providing insights to enhance your code, but you are the ultimate owner of your work. Our process is designed to support your development, while ensuring your intellectual property stays entirely under your control.