
Trust & Security

Enterprise-grade security, built into everything we do

Your compliance data is protected by industry-leading security practices, encryption, and access controls — so you can focus on your business with confidence.

SOC 2 Type II

Annual independent audit of our security, availability, and confidentiality controls. Report available under NDA.

GDPR Compliant

Full compliance with EU General Data Protection Regulation, including data residency options and DPA availability.

ISO 27001

Information security management aligned with ISO 27001 standards. Certification in progress.

Data Protection

Encryption at Rest

All customer data is encrypted at rest using AES-256. Database volumes, backups, and snapshots are encrypted with keys managed through cloud KMS.

  • AES-256 — Database & file storage
  • TLS 1.3 — All data in transit
  • mTLS — Internal service communication

Key Management

Encryption keys are managed through cloud provider KMS with automatic rotation. No plaintext keys are ever stored in code, logs, or configuration files.

  • Automatic rotation — Every 90 days
  • Hardware security modules — FIPS 140-2 Level 3
  • Separation of duties — No single person has key access

Infrastructure Security

Vercel + Neon

Hosted on Vercel and Neon, both SOC 2 certified platforms with global edge infrastructure. Automatic DDoS protection at the edge.

Network Isolation

All services run within isolated VPCs. Database access is restricted to application servers only — no public internet exposure.

Continuous Monitoring

24/7 infrastructure monitoring with real-time alerts. Automated vulnerability scanning of all dependencies on every deployment.

Access Control

Customer Data Isolation

Each customer's data is logically isolated at the database level. Row-level security policies ensure users can only access their own organization's data. All queries are scoped to the authenticated user's organization context.
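The isolation described above, shown as an added example rather than the vendor's own schema: PostgreSQL row-level security (Neon is a Postgres service) keyed on an organization id that the application sets per request from the authenticated user's token. The table, role, function and setting names (`shipments`, `app_user`, `current_org_id()`, `app.current_org_id`) are assumptions.

```sql
-- Added example, not the vendor's schema. Names are assumptions.

CREATE TABLE organizations (
    id   uuid PRIMARY KEY,
    name text NOT NULL
);

CREATE TABLE shipments (
    id          uuid PRIMARY KEY,
    org_id      uuid NOT NULL REFERENCES organizations(id),
    hs_code     text NOT NULL,
    description text
);

-- The application connects as a non-owner, non-superuser role. Table owners
-- bypass RLS unless FORCE ROW LEVEL SECURITY is set, and superusers always
-- bypass it, so the app must never connect as either.
CREATE ROLE app_user NOLOGIN;
GRANT SELECT, INSERT, UPDATE, DELETE ON shipments TO app_user;

ALTER TABLE shipments ENABLE ROW LEVEL SECURITY;
ALTER TABLE shipments FORCE ROW LEVEL SECURITY;

-- Reads the per-request setting. missing_ok = true makes current_setting()
-- return NULL instead of raising when the setting was never set; NULL::uuid
-- never compares equal, so an unscoped connection sees no rows, not all rows.
CREATE FUNCTION current_org_id() RETURNS uuid
LANGUAGE sql STABLE AS $$
    SELECT NULLIF(current_setting('app.current_org_id', true), '')::uuid
$$;

-- USING filters rows on SELECT/UPDATE/DELETE; WITH CHECK rejects any
-- INSERT or UPDATE that would place a row in another organization.
CREATE POLICY shipments_org_isolation ON shipments
    FOR ALL TO app_user
    USING      (org_id = current_org_id())
    WITH CHECK (org_id = current_org_id());

-- Per request, after validating the token, the application runs inside the
-- transaction (SET LOCAL scopes the value to that transaction only):
--   SET LOCAL app.current_org_id = '<org id taken from the token claim>';
-- After that, SELECT * FROM shipments returns only that organization's rows,
-- and an INSERT carrying a foreign org_id fails the WITH CHECK clause.
```

The failure-mode worth checking in a review is the unset case: a policy written as `org_id = current_setting('app.current_org_id')::uuid` without `missing_ok` raises an error on every unscoped query, which is safe but noisy, whereas a policy that falls back to a default org id on NULL silently widens access. Returning NULL and letting the comparison fail closed keeps the query working and the result empty.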

Authentication & Authorization

JWT-based authentication with configurable session lifetimes. Supports Google OAuth with 2FA enforcement. Role-based access control (RBAC) with admin, user, and read-only roles. All access events are logged to the audit trail.

Audit Logging

Every API request is logged with timestamp, user ID, action, resource, and IP address. Audit logs are immutable and retained for 7 years. Exportable to SIEM systems via API for enterprise customers.
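An append-only audit table carrying the fields listed above, as an added example that is not the vendor's own design: the application role can only insert, and a trigger rejects any UPDATE, DELETE or TRUNCATE even from a role that later gains those privileges. The table, role and trigger names and the sample row values are assumptions.

```sql
-- Added example, not the vendor's schema. Names and sample values are assumptions.

CREATE TABLE audit_log (
    id          bigint GENERATED ALWAYS AS IDENTITY PRIMARY KEY,
    occurred_at timestamptz NOT NULL DEFAULT now(),
    user_id     uuid NOT NULL,
    action      text NOT NULL,   -- e.g. 'shipment.read'
    resource    text NOT NULL,   -- e.g. 'shipments/<id>'
    client_ip   inet
);

-- The application may append and read, nothing else.
GRANT INSERT, SELECT ON audit_log TO app_user;

-- Second layer: refuse in-place changes regardless of grants. The table
-- owner can still drop this trigger, so ownership stays with a role the
-- application never connects as.
CREATE FUNCTION audit_log_immutable() RETURNS trigger
LANGUAGE plpgsql AS $$
BEGIN
    RAISE EXCEPTION 'audit_log is append-only (% attempted)', TG_OP;
END
$$;

-- TRUNCATE triggers must be statement-level, so one statement-level trigger
-- covers all three operations.
CREATE TRIGGER audit_log_no_change
    BEFORE UPDATE OR DELETE OR TRUNCATE ON audit_log
    FOR EACH STATEMENT EXECUTE FUNCTION audit_log_immutable();

-- What the application writes per request (constructed sample values;
-- 203.0.113.10 is a documentation-range address):
INSERT INTO audit_log (user_id, action, resource, client_ip)
VALUES ('00000000-0000-0000-0000-000000000001',
        'shipment.read',
        'shipments/00000000-0000-0000-0000-0000000000aa',
        '203.0.113.10');

-- Any of the following now raises 'audit_log is append-only':
--   UPDATE audit_log SET action = 'x' WHERE id = 1;
--   DELETE FROM audit_log WHERE id = 1;
--   TRUNCATE audit_log;
```

Retention and SIEM export are then read-only concerns: a scheduled job copies rows older than the retention window to cold storage before (and only before) a privileged maintenance role, not `app_user`, is allowed to remove them.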

SSO & SAML

Enterprise plans include SAML 2.0 and OpenID Connect (OIDC) single sign-on support. Integrates with Okta, Azure AD, OneLogin, and any SAML-compatible identity provider. Enforce MFA, session policies, and IP allowlists through your IdP.

Compliance & Privacy

  • SOC 2 Type II — Annual audit
  • GDPR — EU data protection
  • CCPA — California privacy
  • ISO 27001 — In progress

Want to learn more?

Contact our security team for a detailed white paper, penetration test reports, or to schedule a security review.