Security
Compliance & Certification Roadmap
Our controls are designed to align with SOC 2 Type II, ISO 27001, GDPR and NIST security practices. SOC 2 and ISO 27001 readiness controls are in progress; certification is pending.
- Designed to align with SOC 2 Type II — readiness in progress, certification pending
- Designed to align with ISO 27001 — readiness in progress, certification pending
- Designed to align with GDPR data-protection principles
- Designed to align with the NIST security framework
Infrastructure Security
- Data encrypted at rest (AES-256)
- Data encrypted in transit (TLS 1.3)
- Multi-region redundancy
- Regular security audits
Application Security
- Regular penetration testing
- Automated vulnerability scanning
- Security-focused development practices
- Role-based access control
Report a Vulnerability
If you discover a security vulnerability, please report it to security@spyda.ai