Trust Center

Built by people who
read other people's audits.

Security tooling earns the right to ingest your most sensitive telemetry. We treat that bar as the floor, not a marketing line. Below: every certification, every architectural decision, every document available on request, in one place.

SOC 2 audit underwayISO 27001 Stage 2 scheduledGDPR DPA availablePen-tested quarterlyBug bounty live
Posture

Architecture choices,
made out loud.

Data handling
  • Metadata-only by default, no source code or PII leaves your tenant unless you opt in.
  • BYOK & customer-managed keys on Enterprise.
  • Single-tenant, BYO-VPC, and air-gapped deployment options.
Identity & access
  • SSO via SAML / OIDC. SCIM provisioning. MFA required for all staff.
  • Read-only by default on every connector. Write actions require an explicit, signed scope contract.
  • Quarterly access reviews, public summary in the audit pack.
Operational security
  • Production access via short-lived, JIT credentials. No standing prod creds.
  • Continuous validation of our own platform, yes, we eat the dog food.
  • Disclosed bug bounty via HackerOne since 2025-Q4.
Resilience
  • 99.95% uptime SLA on Enterprise · 99.9% on Pro.
  • Multi-region active-active in US-East, EU-Central, and AP-Southeast.
  • Quarterly DR drills with public post-mortems for any incident > Sev-3.
Compliance

Frameworks, status,
and the receipts.

Request audit pack
Framework
Status
Notes
SOC 2 Type II
In Progress
AICPA audit underway · report available post-attestation
ISO 27001
In Progress
Stage-2 audit scheduled · management system in place
GDPR
In Progress
Article 28 DPA · EU SCCs · data residency controls rolling out
Start today

Connect a repo.
See your first proven path.

Read access. 30 minutes. No credit card.

Book a DemoTalk to sales