Platform · Security
Built for the audit you haven't been asked for yet.
Row-level tenant isolation, SSO, MFA, encrypted at rest and in transit, append-only audit log — by default, not by request.
Capabilities
Defence in depth, audit by default.
Row-level tenant isolation
Every query is filtered by tenant at the database layer — no cross-tenant data leakage path.
SSO + MFA
SAML 2.0, OIDC, Google Workspace, Microsoft Entra. TOTP MFA required for admin roles.
Encryption
AES-256 at rest, TLS 1.3 in transit, BYO-KMS for enterprise tenants.
Audit log
Append-only log of every mutation: actor, resource, before, after, IP, timestamp.
DPDP + GDPR aligned
Data residency in India by default. DSR workflows. Consent ledger. Vendor sub-processors documented.
Pen-tested + scanned
Annual third-party pen test. Continuous SAST/DAST. Dependency scanning on every commit.
Architecture
Trust boundary at every layer.
Edge
WAF, bot defence, rate limiting, TLS 1.3 termination.
- WAF
- Bot defence
- Rate limit
Identity
SSO via SAML/OIDC; MFA for admin; just-in-time access for support engineers.
- SAML/OIDC
- MFA
- JIT access
App
RBAC enforced at the resolver layer; every mutation creates an audit entry.
- RBAC
- Audit log
- Idempotency
Data
Row-level isolation. Encryption at rest. Daily encrypted backups. PITR.
- RLS
- AES-256
- PITR backups
Trust centre and current certifications: /en/legal/security
Why CISOs pick it
Pass the security questionnaire on the first pass.
Answers the long questionnaire
Trust centre, DPA, sub-processor list, pen-test summary, SOC 2 status — all in one place.
Avg 1-day infosec turnaround
Tenant isolation you can prove
Row-level isolation enforced in the database, not just in code. Auditable, testable.
Zero cross-tenant findings
Audit log on day one
Append-only mutation log. Compliance gets answers in minutes, not weeks.
100% mutation coverage
Common questions
Compliance, residency, and incidents.
Talk to security
Get the DPA + trust pack.
We'll send the security questionnaire response, DPA, sub-processor list, and pen-test summary — usually within one business day.
