Secure by design
Enterprise-grade security and operational controls powering mission-critical apps for 5000+ engineering teams.
Compliance
Data security
Encryption
Secure your data at rest and in transit with enterprise-grade protection.
Audit logs
Monitor system events for operational visibility and security compliance.
Private endpoints
Securely connect to Pinecone without exposing traffic to the public internet.
Customer Managed Encryption Keys
Encrypt data using your own cloud provider KMS for enhanced control.
Authorization and authentication
API key roles
Granular access control that grants each application only the permissions it needs.
User RBAC
Assign roles and permissions to ensure secure, role-based access to Pinecone.
SAML SSO
Simplify and secure user authentication with seamless single sign-on.
MFA
Add an extra layer of security with two-step verification for your Pinecone account.
Reliability and availability
99.95% uptime SLA
Guaranteed critical reliability with a 99.95% uptime SLA.
Backup and restore
Guaranteed critical reliability with a 99.95% uptime SLA.
Deletion protection
Prevent accidental deletion of an index and its data with an additional layer of verification.
Cross-region replication
Deployments automatically span multiple availability zones, ensuring hands-off resilience.
FAQs
Pinecone uses encryption at rest and in transit, with AES-256 encryption standard. Your data remains isolated and protected, and is only used for servicing API calls.
Pinecone is SOC2 Type II certified, HIPAA compliant (with BAA available upon request), and GDPR-ready.
Pinecone uses API keys for authentication across environments. Each project has one or more API keys with configurable permission roles for both control plane and data plane access.
Yes, organizations can configure SSO to manage team access through their identity management solution.
Pinecone uses TLS 1.2 protocol with AES-256 encryption for data in transit through HTTPS and gRPC connections. For stored data, AES-256 encryption is used.
Pinecone provides role-based access controls (RBAC) at both organization and project levels. You can manage API key permissions and assign specific roles to control who can access and modify your data.