Security & Compliance

Zero-trust architecture built for regulated industries. Your data stays protected at every layer.

Certifications & Standards

SOC 2 Type II

Annual third-party audit of security controls, availability, processing integrity, confidentiality, and privacy.

HIPAA Ready

BAA available. Full support for PHI handling with encryption, access controls, and audit requirements.

GDPR Aligned

Data residency controls, right-to-erasure support, DPA available, and EU hosting options.

Encryption Everywhere

  • AES-256 encryption at rest
  • TLS 1.3 encryption in transit
  • Per-workspace encryption keys
  • Customer-managed keys (BYOK) for Enterprise
  • Hardware Security Module (HSM) key storage

Access Controls

  • Role-based access control (RBAC)
  • SAML 2.0 and OIDC single sign-on
  • SCIM provisioning and deprovisioning
  • Multi-factor authentication
  • IP allowlisting
  • Session management and forced logout

Immutable Audit Trails

Every interaction is logged with an immutable, tamper-proof audit trail. Enterprise plans include 7-year retention with export capabilities.

Complete Visibility

Who accessed what, when, and from where. Full request/response logging for compliance reporting.

Export & Integration

SIEM integration, CSV/JSON export, and real-time streaming to your security operations center.

Infrastructure Security

  • Workspace isolation — no data leakage between tenants
  • Network segmentation and micro-segmentation
  • Regular penetration testing by third-party firms
  • Vulnerability scanning and dependency auditing
  • DDoS protection and WAF
  • 99.99% uptime SLA (Enterprise)

Need More Details?

Request our SOC 2 report, security whitepaper, or schedule a call with our security team.

Talk to Security Team Security Docs