Four layers. Zero compromise.
SOC 2-ready infrastructure with AES-256 at rest, per-issuer key isolation, row-level security on every table, and an immutable audit trail. Built from the ground up for material non-public information.
Each layer enforced server-side. Each independently auditable.
Multi-Tenant Isolation
Row-level security on every Postgres table. Queries scoped by issuer_id automatically. Zero cross-tenant leakage by design.
App-Layer Encryption
AES-256-GCM for all MNPI at rest. Per-issuer key isolation with FIPS 140-3 hardware backing. DEKs wrapped per user.
AI Data Isolation
Gemini for public records. Vertex AI in a GCP VPC for private MNPI. Contractually no training, no third-party access.
Audit & Immutability
No soft deletes. Every mutation logged with user, IP, timestamp, before/after snapshots. Vault records permanently sealed.
MNPI never leaves your VPC boundary.
Public-record documents route through Gemini for maximum extraction accuracy. Anything classified as material non-public information routes through Vertex AI inside a GCP VPC, contractually prohibited from training, never accessible by Google or any third party. Every routing decision logged immutably.
For your security and procurement teams.
Security Whitepaper
Full architecture document covering encryption, AI isolation, key management, and audit infrastructure.
Attestation Letter
CEO-signed attestation summarizing our security posture for auditors and procurement teams. Not a substitute for an independent SOC 2 audit.
Security One-Pager
Quick-reference compliance summary suitable for vendor risk assessments.
Have a security question?
Our security team responds within one business day. We have answers for every standard vendor risk assessment.