External traffic is filtered through a Web Application Firewall with role-based security groups.

All infrastructure is deployed on AWS using secure configurations and VPCs

Data is stored in the Oregon (us-west-2) AWS region across multiple availability zones.

Data is encrypted in transit using TLS 1.2+ and at rest with server-side encryption in AWS S3 and DynamoDB.

We offer robust single-tenant stacks for enterprise customers, allowing for increased data isolation.

All data in our multi-tenant deployments is logically segregated, and enterprise customers can elect to add organization segregation to their single-tenant deployments.

Administrators can manage user roles, permissions, and access to projects.

We support 2FA, single sign-on (SSO), and domain-based login restrictions for enhanced security.

Access to customer data is restricted to authorized employees following strict confidentiality policies.

We maintain a formal program to monitor and enforce security controls and compliance.

We maintain comprehensive policies, including incident response, access control, and data retention.

Vendors are carefully reviewed and reassessed annually to ensure compliance to security and privacy standards.