Built with security first.
Your risk data is sensitive. We treat it that way.
Tenant isolation
Every account is fully isolated. Row-level tenant_id checks on every database query. No cross-tenant data leakage by design.
Role-based permissions
Fine-grained permission system. Team members only see and do what their role allows — read, write, admin, or owner.
Full audit log
Every create, update, and delete is logged with actor, timestamp, before/after state. Immutable audit trail for compliance.
Cognito authentication
Authentication is handled by AWS Cognito. Risk3y never stores or handles passwords directly.
MCP scoped access
MCP client tokens are scoped by role. Read-only tokens let AI tools query risk data safely. Admin tokens can also create and update — but only within your own account. No token can access another tenant.
HTTPS everywhere
All data in transit is encrypted with TLS. The API is only accessible over HTTPS.
Have a security concern or question?
support@risk3y.com