Security
Enterprise-grade controls and privacy-first infrastructure—built so we can't access your customer data even if we wanted to.
Last updated: 17th December 2024
Enterprise security
Security is shared responsibility: you control data residency, keys, and access policies while we maintain the hardened foundation. Third-party audits, penetration tests, and compliance reviews keep us accountable.
Encryption
Data in transit
TLS 1.3 encrypts traffic between your browser and our servers to prevent interception and tampering.
Data at rest
AES-256 encryption protects stored data. Enterprise workspaces can use customer-managed keys for full control.
Infrastructure security
- Isolated tenant clusters for strict data separation
- Automated security patching and updates
- Immutable audit logs streamed to dedicated SIEM pipelines
- Multi-region redundancy for high availability
- DDoS protection and rate limiting
Monitoring & detection
- Real-time anomaly detection across all systems
- Automated intrusion detection and prevention
- Rapid incident response with documented escalation procedures
- Continuous security metrics and alerting
Compliance roadmap
SOC 2 Type II, ISO 27001, and GDPR alignment are core. We provide documentation and attestations for customers under NDA.
- Annual penetration tests and continuous vulnerability scanning
- Vendor reviews and data processing agreements for subprocessors
- Regular independent security audits
- Compliance certifications maintained continuously
Vulnerability disclosure
We operate responsible disclosure. Email [email protected] with details. We acknowledge reports within 12 hours and share remediation timelines.
Access controls
- MFA required for internal access
- Role-based access control (RBAC) with least privilege
- Regular access reviews and automatic deprovisioning
- Audit logging for access to customer data
For security questions, compliance documentation, or to request our security pack, email
[email protected].