CipherStash
cipherstash.comSearchable field-level encryption and cryptographic access control for Postgres.
Securityencryptionpostgresaccess-controlfield-level-encryptionai-securitykey-managementcompliance
About
CipherStash provides data-level access control (DLAC) for applications and AI agents by making access control cryptographic rather than policy-configured. It offers searchable field-level encryption, identity-bound keys, and cryptographic audit trails that integrate directly into existing Postgres stacks. Sensitive data is encrypted at the value level with policies enforced at decryption time, ensuring that attackers, over-permissioned agents, and insiders only ever see ciphertext.
Problem
Traditional database security relies on perimeter controls and human oversight, leaving data exposed to over-permissioned AI agents, insider threats, and attackers who reach the database layer.
For
Engineering and security teams building applications or AI agents that handle sensitive data on Postgres
How it works
CipherStash encrypts every sensitive field with a unique identity-bound key via its ZeroKMS service, enforces access policies at decryption time within the existing Postgres stack, and records every access event in an immutable cryptographic audit trail.
Business model
subscription
Status
launched
Company
CipherStash