Skip to main content
Obrity Logo Obrity
brightness_6 Theme
language Language
Sign in Request demo
Trust & Safety Center

Applied AI, with security guardrails and human control

Advanced security aligned with OWASP for the construction industry. We protect your digital assets with proactive governance.

Learn more arrow_forward View product

verified Full compliance with Law 1581

security

Isolation

Data separated by company

shield

Safe AI

Guardrails and human control

gavel

Compliance

Law 1581 of 2012

admin_panel_settings

Governance

NIST Framework

OWASP Top 10 Standards for LLM

Risk Mitigation

terminal

Prompt Injection

What could happen

Input manipulation to bypass system restrictions.

How we prevent it

Strict prompt validation and semantic filtering layers before processing.

enhanced_encryption

Sensitive Info Disclosure

What could happen

Accidental leakage of sensitive or confidential construction data.

How we prevent it

End-to-end encryption and automatic anonymization of PII data.

output_circle

Improper Output

What could happen

Hallucinatory or inappropriate outputs that affect decision-making.

How we prevent it

Output guardrails and validation by human experts.

admin_panel_settings

Excessive Agency

What could happen

AI taking unauthorized actions in external systems.

How we prevent it

Granular "Least Privilege" permissions and continuous log monitoring.

AI Governance (NIST Framework)

GOVERN

Culture

Institutional risk management

MAP

Context

Threat identification

MEASURE

Analysis

Quantitative assessment

MANAGE

Action

Prioritization and response

Compliance and Privacy in Colombia and LATAM

We operate under the legal framework of Law 1581 of 2012, guaranteeing personal data protection. We clearly define the roles of Controller and Processor for total traceability.

Controller

You maintain full ownership of the data entered.

Processor

Obrity processes information under your explicit instructions.

Questions for Management

How is the isolation of my data guaranteed? expand_more
We implement a multi-tenant architecture with strict logical isolation at the database level. Your data is never used to train third-party global models without explicit consent.
Who has access to AI within my company? expand_more
The system uses an RBAC (Role-Based Access Control) model that integrates with your identity provider. Administrators can define which roles can interact with which models and data sources.
How are AI interactions audited? expand_more
We maintain an immutable audit log that records each query, the generated response and the context used, allowing periodic compliance reviews.