Security and privacy, by default.
Encryption in transit and at rest, two-factor authentication, strict workspace isolation, and controls that keep an agent from doing something it shouldn't. The essentials done right, plus the parts most AI tools skip.
Data & encryption
Your data, protected.
Encrypted in transit
Every connection to Hania runs over TLS. The whole app and API are HTTPS, end to end.
Encrypted at rest
Stored data and credentials are encrypted at rest.
Per-tenant encrypted credentials
Tool and integration secrets are encrypted with AES-256-GCM and tied to your workspace, so a secret from one workspace can't be read anywhere else. They're never shown back, not even to you.
Automatic PII redaction
Card numbers, government IDs, and personal details are caught in real time and kept out of what gets stored.
Workspace isolation
Every record is scoped to its workspace. One workspace can never see another's data.
Delete on demand
Delete your account and your data is removed. Delete a conversation or a bot and its related data goes with it.
Accounts & access
Control who gets in.
Two-factor authentication
Authenticator apps (TOTP), emailed codes, and one-time backup codes.
Enforce 2FA workspace-wide
Admins can require every member to turn on 2FA before they can access the workspace.
Role-based access
Admin and member roles control who can change what in a workspace.
Session and device management
See every active session and sign out a single device, or every other device, in one click.
Verified signup
Email verification and CAPTCHA keep bots and abuse out from the very first step.
Brute-force protection
Repeated failed logins lock the account for a while, and sensitive endpoints are rate limited by IP.
Agents & platform
The parts most AI tools skip.
SSRF protection
When an agent fetches a URL or calls an API, requests to internal networks and cloud-metadata endpoints are blocked.
Malicious-request filtering
Injection, path-traversal, and scanner probes are blocked at the door, and IPs that keep trying are cut off.
Egress guard
A tool that sends data out is stopped from shipping it anywhere the task didn't ask for, which shuts down a whole class of prompt-injection attacks.
You gate destructive actions
Every tool is classified for whether it changes data or is hard to undo, and you decide what an agent is allowed to do unattended.
Scoped, revocable API keys
Programmatic keys are limited to specific abilities and rate limited, and can be revoked or set to expire at any time.
Every action is traced
Each agent run leaves a step-by-step trace of what it did, so you can see exactly what happened and when.
Documents