PLATFORM / SECURITY

Security as architecture.

Not a policy doc. Architectural. SOC 2 Type II, ISO 27001, region-pinned residency, immutable audit log on every action — agent or human.

Trust center Request SOC 2

THE STACK

Five layers. Every action signed.

Each layer of the platform — identity, encryption, residency, audit, sub-processors — is a deliberate architectural choice, not a checkbox. Every agent or human action passes through all five and is signed into the audit log before it commits.

SOC 2 Type II, ISO 27001, GDPR — current attestations on the trust center
Customer-managed keys (BYOK) on Enterprise tier
Public sub-processor list with 30-day notice on changes

Encryption

AES-256 at rest, TLS 1.3 in transit. HSM-managed keys. Customer-managed keys (BYOK) on Enterprise.

Identity

Okta, Azure AD, Google Workspace, OneLogin SSO. Row-level RBAC, scoped API keys.

Audit log

Every action — agent or human — logged, signed, queryable via API for SOC 2 audits.

Residency

Region-pinned in US, EU, MENA, APAC. Data never leaves your region without explicit approval.

Sub-processors

Public, versioned list. 30-day notice on changes.

Incident response

Documented IR plan, 72-hour notification commitment, public postmortem within 14 days.

REQUEST THE TRUST PACK

So your security team can say yes.

Request SOC 2 Trust center