Enterprise-grade security for every team — from startups to Fortune 500. Your data is protected at every layer.
Every tier of your data is protected — from wire encryption to access control.
All data encrypted at rest using AES-256-GCM. Keys are rotated automatically every 90 days.
All traffic encrypted with TLS 1.3. Legacy TLS versions are rejected at the load balancer.
TOTP-based 2FA is available to all users. SSO via SAML 2.0 / OIDC for Enterprise plans.
Granular RBAC with Owner, Admin, Agent, and Viewer roles. Restrict access by team, tag, and data type.
Every API call, login, and data change is logged and immutable. Exportable for compliance review.
Adaptive rate limiting at the API gateway with automated DDoS mitigation via Cloudflare.
Independent penetration tests by Cobalt.io conducted every year. Reports available on request under NDA.
Choose where your data lives — EU (Frankfurt) or US (Virginia). Data never leaves your chosen region.
We take security vulnerabilities seriously and reward researchers who responsibly disclose issues. Our programme is managed through Intigriti.
Rewards range from £50 for low-severity findings to £10,000 for critical vulnerabilities. We respond to all valid reports within 48 hours.
Our security team can provide SOC 2 reports, pen test summaries, and complete security questionnaires for enterprise procurement.