Trust Evidence

Proof. The evidence behind the layer.

Operational case records. Security certifications. Patents. Research. Awards. Partnerships. The trust signals procurement, security, and audit teams need—consolidated.

raw data egress to external AI (air-gapped case)

0.94

PII detection F1 in automated de-identification

Blocked → Enabled

external LLM use on data that was previously off-limits

// Deployed across regulated industries — finance · public sector · defense · healthcare · telecom

Customers

Woori BankKYOBOHana BankSamsung SecuritiesSK telecomEUMCClaroty

Certifications

ISO 27001ISO 42001GS Certified · Grade 1KISA Fast Track

Partners

AWS MarketplaceNVIDIA InceptionNaver Cloud

Awards & Recognition

Minister of Science & ICT PrizeEmerging AI+X Top 100T-Challenge 2026

Operational case records

Real workflows that were blocked by data exposure, then unblocked with LLM Capsule. Each record shows what changed, the protection mechanism, and how it can be reproduced for audit. Filter by capability; click any record to expand.

6 records · filtered: all

ExposedSensitive data in prompts (before)

SubstitutedSensitive fields (after)

PreservedOutput usability

Before

Claims documents containing policyholder names, ID numbers, and medical details were sent directly to an external LLM API. The compliance team blocked the workflow.

After

LLM Capsule substituted sensitive fields with restorable stand-ins before submission. Outputs returned and were reconstructed locally for downstream system use.

What Changed

The LLM Capsule layer was inserted into the workflow. Substitution covered names, IDs, dates, and medical field patterns. Sensitive raw values stayed in the local token vault.

Reproduce

Each substitution run is logged and bound to a fixed release state, so the workflow is reproducible with the same substitution logic for audit and regression verification.

Detection — names, IDs, dates, medical field patterns
Substitution — restorable stand-ins before submission
Capsule transmission — only the protected capsule reaches the LLM
Restoration — outputs reconstructed locally for downstream systems

↑ Trust boundary — raw policyholder & medical data never crosses

State CardSubstitution LogToken Vault RecordRe-run Record

BlockedExternal LLM (before)

EnabledExternal LLM (after)

0%Raw data egress

N2SFGuideline aligned

Before

In a network-separated (air-gapped) environment, external LLMs could not be used at all, and concern over classified-context exposure blocked AI adoption entirely.

After

LLM Capsule encapsulates the sensitive context locally — only the protected capsule, not the original, is processed by the external LLM, and the result is rehydrated locally inside the boundary. The raw classified context never crosses the boundary, aligned with N2SF guidelines.

What Changed

Sensitive context is substituted with local stand-ins before processing and reconstructed locally after — no original data leaves the enclave.

Reproduce

Every encapsulation/restoration event is logged locally, so any processed request can be reconstructed and inspected within the boundary.

Sensitive context — classified operation detail
Encapsulation — performed locally inside the enclave
Execution — capsule processed, 0% raw data egress
Restoration — rehydrated locally; N2SF guideline aligned

↑ Trust boundary — nothing crosses the air gap; raw context stays inside

Local Token VaultAudit LogN2SF Alignment

BlockedLLM on internal docs (before)

EnabledSecure LLM use (after)

LocalPII detect & restore

Before

Internal documents — contracts, HR records, customer files holding personal and confidential information — could not be sent to ChatGPT, Claude, or Gemini for summarization or search. The security team blocked it.

After

LLM Capsule detects and substitutes personal and confidential fields locally before the request reaches an external LLM, then restores the original values in the response — so staff can summarize and query internal documents without raw data leaving the organization.

What Changed

The LLM Capsule gateway was placed between internal tools and the external LLM. Detection covered names, contacts, IDs, and account/contract identifiers; raw values stayed in the local token vault.

Reproduce

Each request's substitution is logged and bound to a fixed release state, so a given document-Q&A run can be reconstructed for audit.

Detection — names, contacts, IDs, account/contract identifiers
Substitution — restorable stand-ins before the request leaves
Gateway — only the protected request reaches ChatGPT / Claude / Gemini
Restoration — original values rehydrated locally in the response

↑ Trust boundary — raw internal documents never reach the external LLM vendor

Substitution LogToken Vault RecordAudit Log

BlockedValidation status (before)

UnblockedValidation status (after)

DP-safePrivacy method

Before

Real patient records required for model validation could not be accessed due to regulatory constraints. The validation pipeline stalled.

After

Differential-privacy-safe (DP-safe) replacement records matching real distribution characteristics — without containing real identifiable information — unblocked the validation pipeline.

What Changed

Non-accessible real records were replaced with DP-safe equivalents. Data distribution preserved, compliance review passed, validation pipeline resumed without modification.

Reproduce

The replacement dataset is versioned and bound to a fixed data state, so the validation run is reproducible with the same distribution on demand. Audit trail maintained throughout.

Restricted input — real patient records (regulatory block)
Replacement — DP-safe, distribution-matched equivalents
Privacy — no real identifiable information in the dataset
Outcome — validation unblocked; compliance review passed

↑ Trust boundary — real patient identifiers never enter the pipeline

State CardDP Audit LogDataset Version

RestrictedRaw OT data (before)

EnabledAI threat analysis (after)

Structure-preservingDe-identification

Before

OT/ICS network data carried sensitive operational details, so it could not be sent to an external AI for automated threat analysis.

After

Structure-preserving de-identification lets an AI agent analyze the network data and answer threat questions — sensitive values replaced with stand-ins while relationships are preserved. (Integrated with a global OT security platform's detection solution.)

What Changed

Network-data sensitive fields are substituted while topology and relationships are kept intact, so the agent can reason over realistic context.

Reproduce

The de-identified dataset and the agent's analysis are bound to a fixed data state, so the same analysis can be re-run and verified.

Restricted input — OT/ICS network data with operational detail
De-identification — structure-preserving (topology kept intact)
Analysis — AI agent reasons over realistic, safe context
Integration — works with a global OT security detection platform

↑ Trust boundary — sensitive operational values never leave de-identified

De-identified DatasetAgent Analysis LogStructure Map

ManualRelease screening (before)

AutomatedScreening (after)

0.94PII detection F1

Multi-agentDetect · trace · de-identify

Before

Users exporting sensitive aggregate statistics required manual, per-desk de-identification and release review — inconsistent and hard to audit.

After

A per-desk de-identification module plus a multi-agent pipeline detects, traces, and de-identifies personal information in aggregate data, automating and standardizing the release-review process.

What Changed

Release State fingerprints the data before and after de-identification, so which records were transformed — and how — is traceable for audit.

Reproduce

A prior release can be replayed against its bound Release State, reproducing the screening process for regulatory inspection.

Before — manual, per-desk de-identification (hard to audit)
Detection — multi-agent PII detection (F1 0.94)
Pipeline — detect, trace, de-identify, standardize
Audit — release state fingerprinted before & after

↑ Trust boundary — PII removed and traced before any release

De-identification ReportRelease Audit LogDetection TraceState Card

Security and compliance standards

Independently audited certifications behind LLM Capsule.

Certification

ISO 27001 — Information Security Management

International Standard · Certified by Korea Foundation for Quality (KFQ)

International standard for information security management. Demonstrates a systematic approach to protecting sensitive information.

Certification

ISO 42001 — AI Management System

International Standard · Certified by Korea Foundation for Quality (KFQ)

International standard for AI management systems. Demonstrates responsible AI governance and risk management.

Certification · GS Grade 1

GS Certification (Grade 1) — LLM Capsule

Korean SW Quality Certification, Grade 1 · LLM Capsule 2024 · listed on the public Innovation Procurement Marketplace

Top-grade (Grade 1) Korean government software-quality certification, supporting public-sector procurement via the Innovation Marketplace.

Government Track

KISA Fast Track (2024)

Korea Internet & Security Agency (KISA) · 2024

Selected for the KISA information-security industry Fast Track program.

Patents and applications

Registered patents and pending applications behind LLM Capsule — the documented foundation for using AI without exposing private information.

Patent · KR Registered · US Pending

AI-Based Service Providing Method Without Leaking Private Information and Client Apparatus

KR Reg. No. 10-2757651 (App. 10-2023-0133086, Registered 2025-01-16) · US App. No. 18/908,054 (Filed 2024-10-07)

Core LLM Capsule patent. Method and client apparatus for AI services without exposing private information — registered in Korea, pending in the US.

Patent · Pending · KR + US

Method for Providing Security for On-Device Artificial Intelligence Models

KR App. No. 10-2025-0003223 (Filed 2025-01-09) / 10-2026-0000037 (priority, Filed 2026-01-02) · US App. (Ref. PO25-025-US)

Security provisioning method for AI models running on-device — supports the on-prem / air-gapped execution path. Korean priority applications with a corresponding US filing.

Patent · Pending · KR · Expedited

Data Management Method and System for AI Execution Control

KR App. No. 10-2026-0053050 · Filed 2026-03-24 · Expedited examination granted 2026-04-08

Method and system for controlling and managing data state within AI execution environments. Expedited examination granted.

Patent · Pending · KR

Method and Inference Apparatus for Building Deep Learning Models Robust to Private Information Exposure

KR App. No. 10-2023-0074745 · Filed 2023-06-12

Deep-learning model construction robust to private-information exposure. Applicant: Ewha Womans University (co-research).

Patent · Pending · KR

Method and Analysis Apparatus for Building AI Models that Process Heterogeneous Datasets

KR App. No. 10-2023-0013029 · Filed 2023-01-31 · Under examination

AI model construction method for heterogeneous datasets. Applicant: Ewha Womans University (co-research).

The research behind the protection

LLM Capsule draws on privacy and security research the founding team published in peer-reviewed venues — on de-identification, membership-inference defense, and security in distributed machine learning. Each result below states what the work did, then how the same principle shows up in the data layer today.

De-identification & sensitive-data protection

IEEE BIBM 2023

Privacy-Preserving Publishing of Individual-Level Medical Data for Cloud Services

Ho Bae, Heonseok Ha, Siwon Kim · IEEE BIBM · Istanbul, Dec 2023

Formalizes how individual-level medical records can be released to cloud services under strict privacy constraints while staying useful. It frames the exact problem LLM Capsule addresses: letting an organization use sensitive data with an external service without handing over the raw records.

IEEE/ACM TCBB 2022

DNA Privacy: Analyzing Malicious DNA Sequences Using Deep Neural Networks

Ho Bae, Seonwoo Min, Hyun-Soo Choi, Sungroh Yoon · IEEE/ACM Transactions on Computational Biology and Bioinformatics · 2022

A deep-learning approach to security and privacy on genomic sequences — among the most tightly regulated data classes there is. It shows how far the founding team's privacy research reaches, well beyond the document and tabular data an AI data layer handles day to day.

PSB 2020

AnomiGAN: Generative Adversarial Networks for Anonymizing Private Medical Data

Ho Bae, Dahuin Jung, Hyun-Soo Choi, Sungroh Yoon · Pacific Symposium on Biocomputing · 2020

Anonymizes sensitive medical records with a GAN while preserving the statistical structure downstream models rely on. LLM Capsule works from the same structure-preserving principle: it de-identifies fields before they reach an external LLM and restores them afterward, so the data stays usable without being exposed.

Membership & inference-attack defense

BMVC 2022

MPGAN: Membership Privacy-Preserving GAN

Heonseok Ha, Uiwon Hwang, Jaehee Jang, Ho Bae, Sungroh Yoon · BMVC · London, Nov 2022

Trains generative models that resist membership-inference attacks, so an adversary can't tell whether a given record was in the training data. The same concern drives how LLM Capsule keeps individual records from being re-identifiable in what a model returns.

ACM AsiaCCS 2022

Membership Feature Disentanglement Network

Heonseok Ha, J. Jang, Y. Jeong, S. Yoon · ACM Asia Conference on Computer and Communications Security · 2022

Disentangles membership-revealing features from model representations, lowering exposure to inference attacks. It is the kind of privacy guarantee enterprise buyers ask about before sensitive data ever touches a model.

Selected publications by the CUBIG founding team and collaborators. Full publication list and citation counts available on request.

Awards and recognition

Each entry lists the issuing body, date, and exactly what was recognized — the verifiable basis behind the recognition, for buyers who need more than a logo.

Industry Award

Deutsche Telekom T-Challenge 2026 — 2nd Place

T-Mobile / Deutsche Telekom · 2026

Placed 2nd in the global open-innovation program with de-identification and local restoration technology.

Government Award

Information Security Product Innovation Award — Minister of Science and ICT Prize

Ministry of Science and ICT · 2024-11-26

Grand Prize, Information & Physical Security category.

Recognition

2026 Emerging AI+X Top 100

Korea AI Industry Association · 2026

Selected for the zero-access architecture and privacy technology.

Startup Recognition

NVIDIA Inception · SKT × Hana Bank AI Accelerator

2024–2025

NVIDIA Inception member and joint AI startup accelerator selection.

Recognition

Startup World Cup Finalist · NextRise Global Innovator

2024

Global startup competition finalist and innovator selection.

Technology and ecosystem partners

What each partnership concretely provides — deployment channel, infrastructure, or validation — not just a logo wall.

Marketplace

AWS Marketplace

LLM Capsule listed · procurement-ready

Available for direct purchase and private-offer deployment through AWS, simplifying enterprise procurement.

Infrastructure

NVIDIA Inception

Member program

Access to NVIDIA's technology and go-to-market resources supporting on-prem and accelerated deployment.

Cloud

NAVER Cloud

Deployment partner

Korean public/enterprise cloud deployment path, relevant for data-residency-constrained customers.

In the press

Coverage and interviews relevant to LLM Capsule and the secure-AI approach.

Press Coverage

CUBIG Validates LLM Capsule's Technical Efficacy Across Global Industrial Sites ↗

Korea Economic Daily Business · April 22, 2026

Coverage of LLM Capsule's Zero Exposure AI Gateway architecture being validated in production alongside global industrial cybersecurity firm Claroty, with original data never reaching external LLM vendors.

Press Coverage

CUBIG Listed in Gartner Hyper-Synthetic Data Report — Only Asian Vendor Named ↗

Electronic Times (etnews) · July 30, 2025

Gartner's "Emerging Tech: Trends for Hyper-Synthetic Data" (June 2025) named CUBIG as one of 26 global key vendors following a 4-month deep-dive interview process and analysis of 60+ real-world use cases. The only Asia-based company on the list.

Press Coverage

LLM Capsule Emerges as Essential Tool for Safe Enterprise AI Adoption ↗

Korea Economic Daily · April 1, 2025

As enterprises and public institutions hesitate to deploy generative AI over data leakage concerns, LLM Capsule's real-time sensitive-data blocking for ChatGPT, Claude, and Gemini is gaining recognition as the go-to solution for compliant AI use.

Interview

[VivaTech 2025] CUBIG — "Designing the Future of AI Data Security" ↗

NewsPim · June 4, 2025

CEO Bae Ho interviewed at VivaTech 2025 in Paris, covering CUBIG's three core technologies — DTS, LLM Capsule, and DataXpert — and explaining why air-gapped deployment is driving rapid uptake in finance, healthcare, and defense.

Press Coverage

LLM Capsule Selected for South Korea's Government Tech Pilot Purchase Program ↗

TechWorld News · June 2, 2025

The Ministry of SMEs and Startups selected LLM Capsule for its technology pilot procurement program, clearing rigorous evaluation on technical capability, market viability, and innovation — opening a direct public-sector deployment path.

Press Coverage

CUBIG to Unveil Next-Generation Synthetic Data Technology at World IT Show 2025 ↗

AVING News · April 22, 2025

CUBIG showcased LLM Capsule at WIS 2025 at COEX Seoul, highlighting standalone air-gapped operation, beta testing with global SaaS and healthcare companies, and planned cloud integration with AWS and Google Cloud.

Common questions

Operational evidence is concrete, verifiable documentation that an AI system behaves as claimed in real production conditions — what was blocked before, what changed after deployment, the deployment reference, and the certifications, patents, and peer-reviewed research that back it. It is the difference between a marketing claim and a record a procurement or audit team can verify.

Through third-party certifications (ISO/IEC 27001, ISO/IEC 42001, KISA Information Security Fast Track, GS Certification), registered patents covering privacy-preserving AI services and on-device AI security, peer-reviewed publications by the founding team, and deployment references across regulated industries.

Certifications show an independent body has audited the security and AI-management practices; patents show the protection method is novel and documented; peer-reviewed research shows the underlying techniques withstand academic scrutiny. Together they let a buyer rely on more than the vendor's own word.

No. Across every record on this page, only the encapsulated capsule context is shared with AI. Sensitive values stay inside the environment through structure-preserving, differential-privacy-based encapsulation, and outputs are restored locally into the originating workflow.

The certifications, patents, research papers, and press items on this page each cite a primary source you can check independently — without taking our word for it. The certifications have issuing-body certificate numbers confirmable with the certifier; the patents list their official KIPO numbers, lookupable in the national registry or Google Patents; the papers cite venue and authors traceable through DBLP; and every press item links to its original article.

Credible proof is evidence a third party can verify without relying on the vendor's word — not a testimonial or a marketing line. For an AI data layer that means several signals together: operational records of what was blocked and what changed, independent certifications, registered patents in a public registry, and peer-reviewed publications by the founding team. Any one alone is weak; together they let a buyer rely on more than a promise.

Want the evidence applied to your own workflow?

Bring one workflow that's blocked today because of data exposure. We'll show what the proof looks like on your data, your systems, your constraints.

Request a Demo See the Architecture

Email : contact@cubig.ai

CUBIG LTD (United Kingdom)

Company Number: NI735459
Address: 21 Arthur Street, Belfast, Antrim, United Kingdom, BT1 4GA

CUBIG CORP (Republic of Korea)

Business Registration Number : 133-81-45679

E-Commerce Registration : 2023-Seoul-Seocho-2822

Address: 4F, NAVER 1784, 95, Jeongjail-ro, Bundang-gu, Seongnam-si, Gyeonggi-do, Republic of Korea

Product

Resources

Company

Legal

Consent Preferences

Email : contact@cubig.ai

CUBIG LTD (United Kingdom)

Company Number: NI735459
Address: 21 Arthur Street, Belfast, Antrim, United Kingdom, BT1 4GA

CUBIG CORP (Republic of Korea)

Business Registration Number : 133-81-45679

E-Commerce Registration : 2023-Seoul-Seocho-2822

Address: 4F, NAVER 1784, 95, Jeongjail-ro, Bundang-gu, Seongnam-si, Gyeonggi-do, Republic of Korea

Product

Resources

Company

Legal

Consent Preferences

Email : contact@cubig.ai

CUBIG LTD (United Kingdom)

Company Number: NI735459
Address: 21 Arthur Street, Belfast, Antrim, United Kingdom, BT1 4GA

CUBIG CORP (Republic of Korea)

Business Registration Number : 133-81-45679

E-Commerce Registration : 2023-Seoul-Seocho-2822

Address: 4F, NAVER 1784, 95, Jeongjail-ro, Bundang-gu, Seongnam-si, Gyeonggi-do, Republic of Korea

Product

Resources

Company

Legal

Consent Preferences

Email : contact@cubig.ai

CUBIG LTD (United Kingdom)

Company Number: NI735459
Address: 21 Arthur Street, Belfast, Antrim, United Kingdom, BT1 4GA

CUBIG CORP (Republic of Korea)

Business Registration Number : 133-81-45679

E-Commerce Registration : 2023-Seoul-Seocho-2822

Address: 4F, NAVER 1784, 95, Jeongjail-ro, Bundang-gu, Seongnam-si, Gyeonggi-do, Republic of Korea

Product

Resources

Company

Legal

Consent Preferences

Email : contact@cubig.ai

CUBIG LTD (United Kingdom)

Company Number: NI735459
Address: 21 Arthur Street, Belfast, Antrim, United Kingdom, BT1 4GA

CUBIG CORP (Republic of Korea)

Business Registration Number : 133-81-45679

E-Commerce Registration : 2023-Seoul-Seocho-2822

Address: 4F, NAVER 1784, 95, Jeongjail-ro, Bundang-gu, Seongnam-si, Gyeonggi-do, Republic of Korea

Product

Resources

Company

Legal

Consent Preferences