DocumentationRequest a Demo
Request a Demo
Platform
Documentation
Trust Center

Security you can validate.

Security, privacy, and quality controls built for enterprise environments.

  • ISO-certified management systems
  • Agentless assessments — no endpoint agents
  • No Domain Admin required for analysis
  • Built for enterprise environments
Request Trust Pack

Certifications

ISO/IEC 27001

  • Information Security Management System (ISMS)
  • Risk-based controls and continual improvement
  • Certificate available upon request

ISO/IEC 27701

  • Privacy Information Management System (PIMS)
  • Privacy controls aligned to ISMS
  • Certificate available upon request

ISO 9001

  • Quality Management System (QMS)
  • Documented processes and measurable outcomes
  • Certificate available upon request

Security controls overview

Access control

  • Role-based access (RBAC) for platform users
  • Least privilege for data collection workflows
  • Separation of duties (admin vs viewer roles)
  • Strong authentication support

Data protection & encryption

  • Encryption in transit (TLS)
  • Encryption at rest (implemented)
  • Secrets stored securely — no hardcoded secrets
  • Secure export controls for reports

Secure development lifecycle

  • Code review and change control
  • Dependency management and patching routine
  • Secure defaults and configuration validation
  • Release integrity checks

Vulnerability management

  • Internal triage process and remediation SLAs
  • Risk-based prioritization
  • Continuous improvement loop from field findings
  • Coordinated disclosure-ready posture

Incident response readiness

  • Documented incident response process
  • Customer communication pathway
  • Evidence preservation approach
  • Post-incident improvements

Business continuity

  • Backup and recovery practices
  • Resilience planning
  • Controlled maintenance windows
  • Operational runbooks

Data handling and privacy

What we collect

  • Identity and configuration metadata required for posture assessment
  • Relationship/permission data for exposure and attack-path analysis
  • Reporting outputs generated from analysis
  • No unnecessary personal content collected

How we protect it

  • Purpose limitation: used only for security assessment and reporting
  • Access controls to restrict who can view results
  • Retention: configurable and minimized
  • Sharing: customer-controlled exports
See Privacy Policy →

Responsible disclosure

If you believe you've found a security issue, we welcome coordinated disclosure.

Report a security issue

Trust FAQ

Ready to review our trust materials?

Request the Trust Pack or talk to an expert about your security requirements.

Request Trust Pack

We respect your privacy

We use cookies to keep this site secure and working properly. With your permission, we also use optional cookies to understand usage and improve the experience. Cookie Policy

You can change your choice at any time.

Trust Center | Company | Forestall