Trust Centre

Trust. Security. Transparency.

At ekai, we safeguard your data with industry-best practices, clear policies, and continuous improvement through our self-hosted architecture.


Our Trust Commitments

Security First

Protecting infrastructure, applications, and data with industry-leading practices

Privacy & Compliance

Meeting global data protection regulations and maintaining customer data sovereignty

Transparency

Openly sharing policies, audits, and security controls with our customers

Continuous Improvement

Ongoing monitoring, testing, and security enhancements

Trusted Partnerships

Working with enterprise-grade subprocessors like Recall.ai for secure data handling


Security & Infrastructure

Infrastructure & Network Security

Self-hosted in customer cloud environments with comprehensive access controls, monitoring, and system hardening

  • Customer retains full control of infrastructure
  • Network segmentation and firewall protection
  • DDoS protection and monitoring
  • AWS WAF implemented with Defang
  • Unique authentication and MFA for all production systems
  • Authorized access controls for databases, OS, and network components
  • Prompt access revocation upon personnel termination
  • Encrypted remote access with mandatory MFA
  • Intrusion detection and comprehensive log management
  • Infrastructure monitoring with real-time alerts
  • Network and system hardening standards maintained
  • Annual security reviews and hardening assessments

Application Security

Secure coding standards, continuous vulnerability scanning, and third-party security assessments

  • Continuous vulnerability scanning
  • Secure coding standards and code reviews
  • Third-party security assessments by we45
  • Automated security testing in CI/CD pipeline

Encryption & Data Protection

TLS 1.2+ for data in transit, AES-256 encryption at rest with comprehensive data lifecycle management

  • TLS 1.2+ for all data transmission
  • AES-256 encryption at rest
  • AWS Key Management Service integration
  • Customer-controlled encryption keys
  • Data classification and access restriction to authorized personnel
  • Data retention and disposal procedures established
  • Customer data deletion upon service exit
  • Sensitive data handling protocols
  • Data sovereignty maintained in customer environment

Identity & Access Management

SSO integration with customer identity providers and MFA enforcement

  • Single Sign-On (SSO) integration
  • Google, Microsoft, and custom identity providers
  • Multi-Factor Authentication (MFA) support
  • Role-based access control (RBAC)

Incident Response & Monitoring

Formal incident response plan with customer-initiated incident management

  • Formal incident response procedures
  • Customer-initiated incident management
  • 24-hour SLA for enterprise support
  • Comprehensive logging and monitoring

Vulnerability & Penetration Testing

Continuous vulnerability scanning with independent security assessments

  • Continuous vulnerability scanning
  • Independent security assessments by we45
  • View VAPT Report ↗
  • Regular penetration testing
  • Automated security monitoring

Organizational Security

Comprehensive personnel controls, asset management, and physical security measures

  • Background checks for all personnel with access to production systems
  • Security awareness training and annual performance evaluations
  • Code of conduct and confidentiality agreements
  • Production inventory maintained and regularly updated
  • Portable media encryption and mobile device management (MDM)
  • Visitor sign-in procedures and badge requirements
  • Escorted access to secure areas enforced
  • Physical security controls and monitoring

Internal Security Procedures

Business continuity, change management, governance, and incident response procedures

  • Business continuity and disaster recovery plans documented and tested
  • Cybersecurity insurance coverage maintained
  • Authorized, documented, and reviewed change management procedures
  • Production deployment restrictions and testing requirements
  • Defined security roles and maintained security policies
  • Board oversight and regular risk assessments conducted
  • Vendor management and third-party risk assessments
  • Formal incident management policies and procedures
  • Data backup procedures and system change communication
  • Support resources and service commitments communicated to customers

Compliance & Certifications

Since ekai is deployed in your environment, it leverages the compliance and security certifications already in place within your hosting infrastructure, including SOC 2, ISO 27001, HIPAA, PCI DSS, and GDPR where applicable. We implement all necessary measures by default to help you maintain and support these compliance standards.

SOC 2 Type II
ISO 27001
GDPR
HIPAA
PCI DSS

What We Share

Category | Public Access | With Permission
Certifications & Attestations | Security overview, compliance status | Full audit reports, detailed assessments
Policies & Procedures | Privacy policy, security overview | Internal control manuals, architecture diagrams
Security Practices | Encryption standards, access controls | Penetration test reports, threat models
Status & Incidents | System status, incident summaries | Detailed postmortem reports

FAQ & Common Security Questions


Contact Security / Trust Team

Security Inquiries

tech@yourekai.com

For security inquiries and incident reporting

General Support

hello@yourekai.com

General support and technical questions