Trust

Security overview

High-level security posture for evaluation. Your production agreement and deployment architecture define enforceable commitments.

RBAC

Access model

TLS 1.2+

Transport

Tenant scope

Isolation

Your logs

Audit ownership

Access & identity

Role-based access with tenant-scoped sessions; integrate with your IdP where your deployment supports it.
API access should use least privilege keys and rotate credentials per your policy.

Use TLS for traffic in transit; encryption at rest depends on your database and storage configuration.
Backups, retention, and regional residency are deployment-specific — document them in your runbook.

Monitor audit trails for sensitive actions where the product exposes them.
Report suspected incidents through your vendor or internal security contact per your contract.