Secure by design. Not as an afterthought.
Security is a "core, non-negotiable requirement" embedded in our platform's architecture and our entire development lifecycle. Our primary technical whitepaper provides a comprehensive overview of this commitment.
Our core technical whitepaper
The "Security Architecture & Data Governance Overview" is our primary transparency asset, detailing our multi-layered 'Defence-in-Depth' approach and 'Secure by Design' philosophy.
Technical controls at a glance
Secure Software Development Lifecycle (SSDLC)
Our SSDLC includes formal threat modelling, automated Static Application Security Testing (SAST), Software Composition Analysis (SCA) for third-party libraries, and regular, independent penetration tests to validate our defences.
Data encryption
Your data is encrypted in transit with TLS 1.3 and at rest using AES-256 (via Transparent Data Encryption). Cryptographic keys are isolated on a per-tenant basis in Azure Key Vault, a process enabling our 'Crypto-Shredding' capability.
Identity & access management (iplicit personnel)
We enforce a Zero Trust model. Access to production systems is granted *only* via Azure Privileged Identity Management (PIM), eliminating standing admin privileges. All access is time-bound, requires approval, and is fully audited.
Need more detail?
For specific attestations, like our Penetration Test Summary or a pre-filled security questionnaire, please use our simple 'Trust Request' form. This is a low-friction verification step that avoids legal NDAs for most requests.
