CipherStash

cipherstash.com

Searchable field-level encryption and cryptographic access control for Postgres.

Visit
CipherStash screenshot
/ About /

CipherStash provides data-level access control (DLAC) for applications and AI agents by making access control cryptographic rather than policy-configured. It offers searchable field-level encryption, identity-bound keys, and cryptographic audit trails that integrate directly into existing Postgres stacks. Sensitive data is encrypted at the value level with policies enforced at decryption time, ensuring that attackers, over-permissioned agents, and insiders only ever see ciphertext.

/ How it works /

CipherStash encrypts every sensitive field with a unique identity-bound key via its ZeroKMS service, enforces access policies at decryption time within the existing Postgres stack, and records every access event in an immutable cryptographic audit trail.

/ Who it's for /

Engineering and security teams building applications or AI agents that handle sensitive data on Postgres

/ More info /

Background.

Status
launched
Business model
subscription
Company
CipherStash
/ Discovered patterns /

Similar projects.

Coming soonSpektrail’s read on Security

Editorial take on the space this project sits in — momentum signals, adjacent moves, our call on whether the wedge is real. Get pinged when we publish a new read or when the landscape shifts.

Coming soon

Have a take on this space?

Tell us what you’d build differently, where you think the incumbents miss, or what we’ve gotten wrong about this project. Comments + reactions are coming soon.