Security

Your data, your environment, your policies.

Built for institutional credit data. Encryption in transit and at rest. Per-decision audit trails. Configurable retention. Deploy in our cloud, your VPC, a dedicated single-tenant environment, or fully on-prem.

Controls

How we secure your data.

The controls your security and compliance teams will actually ask about.

01 / Encryption

Encryption everywhere.

Data encrypted in transit (TLS 1.3) and at rest (AES-256). Customer-managed keys available on enterprise tier.

  • TLS 1.3 minimum on all transit
  • AES-256 at rest, customer-managed keys (CMK) supported
  • Key rotation per industry standard

02 / Access

Least-privilege access.

Role-based access controls scoped to your tenancy. SSO via SAML or OIDC. Audit logs on every access event.

  • RBAC with customer-defined roles
  • SSO via SAML 2.0 / OIDC
  • MFA enforced for all privileged actions

03 / Audit trails

Per-decision audit logs.

Every AI decision and every data access logs the actor, timestamp, inputs, and outputs. Logs are immutable and retained per contract.

  • Reproducible per-decision audit logs
  • Immutable log storage with cryptographic integrity
  • Searchable and exportable on customer demand

04 / Data lifecycle

Configurable retention.

You choose how long we keep data. Borrower PII, loan-level data, and audit logs each have separate retention policies you control.

  • Per-data-type retention policies
  • Right-to-delete on contract end or customer request
  • Data residency on request (US-only or EU-only)

05 / Network

Network isolation.

Default multi-tenant cloud with strict tenant isolation. Single-tenant and VPC-peered options available for enterprise.

  • Tenant isolation at storage and compute layer
  • Private endpoints / VPC peering supported
  • IP allowlisting for API access

06 / Vulnerability mgmt

Continuous testing.

Automated dependency scanning, periodic third-party penetration testing, and a coordinated vulnerability disclosure program.

  • Continuous dependency and container scanning
  • Annual third-party penetration test
  • Responsible disclosure program for security researchers

Deployment

Deploy where you need it.

Match our footprint to your security and compliance requirements.

Managed cloud

Multi-tenant SaaS. Fastest to launch. Suitable for most originator and investor workflows where data classifications allow.

Single-tenant cloud

Dedicated infrastructure in our cloud. No shared resources. Suitable for portfolio data and rated-deal workloads.

VPC-peered or on-prem

Run inside your VPC or on your hardware. Suitable for highest-classification data and customers with strict residency rules.

Compliance posture

SOC 2 Type II in progress. NRSRO-aligned methodology for due diligence on rated deals. We're happy to share our latest security questionnaire response, third-party pen test summary, and DPA template under NDA — reach out and we'll send a packet.

Talk to security.

We'll send the security packet under NDA — questionnaire, pen test summary, DPA, and architecture overview.
