Security

Compliance & Certification Roadmap

Our controls are designed to align with SOC 2 Type II, ISO 27001, GDPR and NIST security practices. SOC 2 and ISO 27001 readiness controls are in progress; certification is pending.

  • Designed to align with SOC 2 Type II — readiness in progress, certification pending
  • Designed to align with ISO 27001 — readiness in progress, certification pending
  • Designed to align with GDPR data-protection principles
  • Designed to align with the NIST security framework

Infrastructure Security

  • Data encrypted at rest (AES-256)
  • Data encrypted in transit (TLS 1.3)
  • Multi-region redundancy
  • Regular security audits

Application Security

  • Regular penetration testing
  • Automated vulnerability scanning
  • Security-focused development practices
  • Role-based access control

Report a Vulnerability

If you discover a security vulnerability, please report it to security@spyda.ai