-
Security architecture
System architecture
Public summary of trust boundaries, identity sources, tenant isolation, data residency, and engineering commitments. Full document with internal services, data flows, and key-store layout is shared under NDA.
Summary · full under NDA · reviewed 2026-05-16 Read →
-
Security architecture
STRIDE threat model
Public summary of methodology (STRIDE across eight attack surfaces), scope, cadence, and remediation commitments. Full document — surface inventory, gap log, pen-test findings — is shared under NDA.
Summary · full under NDA · reviewed 2026-05-15 Read →
-
Process commitments
Vulnerability remediation SLAs
How quickly we acknowledge, mitigate, and fix security issues by severity. P0: 1h acknowledge / 4h mitigate / 24h fix. Quotable in your MSA.
Public · reviewed 2026-05-15 Read →
-
Compliance
Sub-processor list
Every vendor that touches customer data, what they do, and their compliance posture. 30-day notice on additions.
Public · reviewed 2026-05-16 Read →