Our Security Approach
Zero-trust by design
Built for enterprise revenue data. Zero-trust architecture, least-privilege enforcement, and full encryption in transit and at rest.
Learn more →Data Protection & Privacy
Your data is yours
Your data is never used to train AI models. Tenant isolation, data minimisation, configurable retention, and privacy-compliant DPA.
Learn more →Access Controls & Least Privilege
Humans control access
RBAC, MFA, SSO, credential vault, and instant access revocation. Every person and AI workflow scoped to exactly what they need.
Learn more →Compliance Certifications
SOC 2, CCPA
We operate to SOC 2 controls today. CCPA compliant. Annual pen testing. DPA and security questionnaire available on request.
Learn more →AI-Specific Risk Mitigation
Guardrails on every workflow
Strict, Moderate, and Advisory guardrail levels. Humans define what AI can and cannot do, no hallucinations, no unauthorised actions.
See the guardrail org chart →Threat Detection & Monitoring
Always on
24/7 infrastructure monitoring, automated anomaly detection, defined incident response SLAs, and an immutable audit log across all actions.
Learn more →Vendor & Supply Chain Risk
Vetted infrastructure
SOC 2 certified cloud infrastructure, rigorous AI model vetting, geo-redundant storage, and documented business continuity procedures.
Learn more →Trust Center & Resources
For your procurement team
Security whitepaper, pen test summary, DPA, and pre-filled security questionnaire responses, everything your security team needs to evaluate us.
Request documentation →AES-256
Encryption at rest
TLS 1.2+
Encryption in transit
24/7
Infrastructure monitoring
SOC 2
Controls in operation
Our team will walk you through the platform's security architecture and provide the documentation your procurement process requires.