Trust Center
Our security framework is designed to support a wide range of industry standard controls to ensure robust protection of your data and infrastructure. We comply with established best practices and regulatory requirements.
Controls
Product Security | Infrastructure Security | Data Security | |||
---|---|---|---|---|---|
Role-Based Access Control | ✅ | Physical Security | ✅ | Encryption at-rest | ✅ |
Single Sign-On (SSO) | ✅ | ZTNA / VPN | ✅ | Encryption in transit | ✅ |
Audit Logging | ✅ | Load Balancers | ✅ | Password Hashed (Argon2id) | ✅ |
Data Security | ✅ | TLS/SSL Support | ✅ | Data remains in your environment | ✅ |
OWASP Standard | ✅ | Least Privilege Principle | ✅ | ||
⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤ | ⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤ | ⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤ | |||
Application Security | Privacy and Data Management | Reports | |||
Secure SDLC | ✅ | Secure Data Storage | ✅ | Network Diagram | ✅ |
Code Reviews | ✅ | Data Handling | ✅ | Architecture Diagrams | ✅ |
Secret Detection | ✅ | Data Minimization | ✅ | Penfield App Architecture | ✅ |
Code Analysis | ✅ | Data Storage | ✅ | Pentest Report | ✅ |
Container Scanning | ✅ | Data at Termination | ✅ | ||
Dependency Scanning | ✅ | ||||
Security Vulnerabilities | ✅ | ||||
⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤ | ⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤ | ⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤ | |||
Access Control | Corporate Security | Security Grades | |||
Data Access | ✅ | Email Protection | ✅ | Qualys SSL Labs | ✅ |
Logging | ✅ | Employee Training | ✅ | ||
Password Security | ✅ | Incident Response | ✅ | ||
Monitoring and Logging | ✅ | Endpoint Security | ✅ | ||
Identity Management | ✅ | ||||
MFA | ✅ | ||||
⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤ | ⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤ | ⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤⏤ | |||
Policies | Legal & HR | Support | |||
Acceptable Use Policy | ✅ | Privacy Policy | ✅ | Customer Support | ✅ |
Access Control Policy | ✅ | Background Check | ✅ | SLA | ✅ |
Information Security Policy | ✅ |