Cyborg, which makes a vector database proxy that delivers full encryption in use, ensuring vectors, metadata and keys remain encrypted at every stage, has partnered with NVIDIA and announced the availability of the Cyborg Enterprise RAG Blueprint, which brings full encryption-in-use to enterprise-grade retrieval-augmented generation (RAG). Available now on build.nvidia.com and GitHub, the blueprint enables organizations to deploy secure RAG workflows and vector embeddings with the CyborgDB encrypted vector store while maintaining best-in-class performance powered by NVIDIA Nemotron open models, NVIDIA NeMo Retriever microservices and NVIDIA accelerated computing. It comes on the heels of an important partnership with NVIDIA which provides essential components of the Cyborg Enterprise RAG Blueprint
“Today’s organizations want to unlock value from AI by centralizing their knowledge into a single vector database to make models more capable and context-aware,” said Nicolas Dupont, Founder and CEO of Cyborg. “That consolidation is fundamental, but it also creates a smaller attack surface with a much larger potential breach radius. Vector databases can therefore become an organization’s biggest liability or its greatest strength. Encryption-in-use addresses this paradox by enabling enterprises to embrace AI confidently without turning innovation into exposure.”
Security organizations like OWASP have warned that vectors and embeddings represent a fast-emerging area of vulnerability. Traditional vector databases will encrypt data at rest and in transit, but still process queries in plaintext. The Cyborg Enterprise RAG Blueprint offers a fundamentally different approach that eliminates the potential exposure of sensitive information with full encryption-in-use, ensuring plaintext never exists in memory, logs, caches or during search.
The Cyborg Enterprise RAG Blueprint embeds generation and cryptographic indexing with user data being parsed and converted into embeddings using an NVIDIA NeMo Retriever embedding model. These embeddings are cryptographically indexed via CyborgDB, Cyborg’s flagship offering,producing encrypted tokens. Encrypted tokens are then stored in standard backing stores with vector search capabilities .
At query time, prompts are embedded and sent to CyborgDB for encrypted cryptographic retrieval. The NeMo Retriever reranking model reorders results by relevance, boosting answer accuracy and quality. Forward-secure indexing prevents reconstruction attacks on historical data
Finally, through key management, the launchable notebook generates an encryption key once and stores it in base64 format on disk, which is then used as the index key. The enterprises fully control and own the encryption keys.
By integrating NVIDIA NIM microservices and NVIDIA cuVS GPU-accelerated search with CyborgDB’s encryption-in-use, the Cyborg Enterprise RAG Blueprint delivers complete data protection without compromising on enterprise-grade performance. The production-ready architecture supports multimodal capabilities, including PDF parsing, advanced table and chart extraction, hybrid search, and reranking with NVIDIA NeMo Retriever, achieving sub-10ms encrypted query performance.
“CyborgDB, is the first and only vector database proxy that delivers full encryption in use, ensuring vectors, metadata and keys remain encrypted at every stage,” Dupont told ChannelBuzz.
“The market is at a tipping point,” Dupont said. “For three years, AI’s center of gravity was training: who had the biggest GPU clusters, who could build the largest models. Now we’re at an inflection point. Investors and customers want ROI from their AI investments, and that ROI comes from inference. To drive value in enterprise AI, you need proprietary data for inference – and that’s where the systemic risk kicks in.
“Think about what’s happening,” Dupont continued. “Companies are taking data that was previously siloed (finance, HR, engineering, customer support) and centralizing it into vector databases to power RAG, semantic search and agentic workflows. This creates a smaller attack surface with a massive blast radius–a single breach exposes everything. Furthermore, vector embeddings aren’t one-way hashes. They’re dense representations of context, and they’re invertible. You can take a vector embedding of someone’s face, their medical record, their financial transaction, and reconstruct the original with high accuracy. This is well-studied in academia and we’ve demonstrated it.
“The work happening in this space is largely academic or focused on approaches like Fully Homomorphic Encryption (FHE), which is promising but comes with massive performance penalties that make it impractical for production workloads,” Dupont stated. “And of course, there’s the work we’re doing at Cyborg with CyborgDB.”
Competitors are beginning to recognize the opportunities and are coming into the space.
“Six months ago, there wasn’t much, really,” Dupont said. “We were one of the few teams focused on encryption-in-use for AI workloads. That’s changing quickly, which is a good thing – it means the market is starting to recognize the risk.
Dupont said that most approaches fall into two categories.
“The first is Fully Homomorphic Encryption (FHE),” he noted. “It’s conceptually elegant but still far too slow for production. When a search that should take milliseconds takes tens of seconds, adoption stops there.
“The second category focuses on traditional boundaries: encryption at rest, in transit, or via TEEs,” Dupont noted. “That’s useful, but it doesn’t protect the data once it’s being used. If a vector database or API key is exposed, the embeddings themselves can still be inverted.
“Our work at Cyborg started from the assumption that encryption has to extend through the full lifecycle, including inference,” Dupont emphasized. “We’ve been building toward that for years, and what matters is that it performs at scale without forcing teams to change their infrastructure. That’s where the differentiation comes from.”
CyborgDB makes strong use of granular cryptography.
“Traditional security assumes there’s a perimeter – a network, a VPC, a defined boundary you can defend,” Dupont commented. “That model doesn’t hold in AI. Data moves constantly between systems, APIs, and memory layers. Granular cryptography is rooted in zero-trust and turns the focus inward. Instead of securing the environment, it secures the data itself. Every record, vector, or metadata entry is encrypted with its own key. The data stays encrypted whether it’s stored, transmitted, or queried.
“The result is resilience,” Dupont emphasized. “If a system is breached, what’s exposed is still cryptographically meaningless. That closes the gap created when enterprises began centralizing data for AI – aggregation improves performance, but also concentrates risk. Granular encryption distributes that risk again, without sacrificing the benefits of centralization.”
Dupont indicated that you haven’t been able to run inference directly on encrypted data.
“Running full inference on encrypted data remains challenging (although our friends at Protopia are working on it!),” he said. “The more useful approach is to minimize whatever gets decrypted. In practice, we can search across encrypted vectors, identify relevant results, and decrypt only a minimal subset – the items that need to be passed to the model for context. That reduces exposure from billions of embeddings to a handful per query. Because the search and indexing are GPU-accelerated and forward-secure, the performance impact is small. We’ve done a lot of optimization work with NVIDIA, which gives us significant speed-ups in both index build and retrieval. And moreover, retrieval is a small part of AI inference – so the end-to-end impact is negligible. This makes encryption-in-use viable for real workloads. The goal remains end-to-end encryption for the entire inference process, including the LLM, but securing the knowledge base – the vector store — is a critical component we’ve now addressed.
Dupont emphasized the importance of the NVIDIA partnership to Cyborg.
“We’re integrating with NVIDIA’s AI data platform stack, across many libraries – namely NVIDIA cuVS, their GPU-accelerated vector search library,” he said,
“The partnership has two major components,” Dupont stated. “The first is technical collaboration. We’ve worked closely with NVIDIA to optimize encrypted vector search on GPUs. CPU-based components like clustering and hashing were replaced with GPU-accelerated operations using cuVS and custom CUDA kernels. The impact is substantial: index builds that once took hours now complete in minutes, and batch retrieval performance improves nearly an order of magnitude. This is the optimization needed for real-world AI.”
Dupont noted that what they and NVIDIA are addressing is the gap between encryption and usability.
“Once data is encrypted, you can’t do much with it,” he said. “You’d have to decrypt to search or query, which creates exposure and adds performance overhead. What CyborgDB enables is encrypted search: the ability to query, rank, and retrieve data without ever exposing it in plaintext. And with NVIDIA, we are able to do it at scale.
“That’s a fundamental shift,” he emphasized. “It means enterprises don’t have to choose between security and functionality – encrypted data remains searchable, and usable, without compromising its confidentiality.”
Dupont said that the partnership’s second component is blueprint integration.
“We’re also part of NVIDIA’s blueprint ecosystem – pre-validated, one-click deployments that combine certified hardware, software, and cloud configurations,” he said. “These blueprints make it easier for enterprises to deploy secure, high-performance AI stacks without extensive setup. As data security becomes a baseline expectation, our encrypted vector search layer fits naturally into that model.
“From a partnership standpoint, NVIDIA has been exceptional,” Dupont stressed. “They move quickly, think long-term, and build deep relationships with developers. For a small company like ours, that kind of collaboration has been both practical and transformative.”
The Cyborg Enterprise RAG Blueprint is available today with deployment guides on build.nvidia.com. Users can deploy the complete, enterprise-ready solution with CyborgDB’s encrypted vector indexing and retrieval in minutes.