Security & Compliance

Enterprise Security, Built In

SENTINEL-X is designed from the ground up for enterprise security requirements — so your CISO can say yes.

Certifications & Compliance

✓

Annual third-party audit of our security, availability, and confidentiality controls.

✓

Full data subject rights, DPA available, EU data residency option.

✓

Information security management system certified by accredited body.

✓

BAA available for healthcare customers. PHI never stored in our systems.

🔒

AES-256 encryption for stored data. TLS 1.3 for all data in transit. Keys managed via AWS KMS / GCP KMS.

🔒

Role-based access control with custom roles. SAML 2.0 and OIDC SSO integrations for Okta, Azure AD, Google Workspace.

🔒

Immutable, tamper-evident audit logs for every action. Exportable for compliance reviews and incident investigation.

🔒

Deploy SENTINEL-X entirely within your own VPC or on-premise. No data leaves your infrastructure.

🔒

Annual third-party penetration tests. Results available to Enterprise customers under NDA.

🔒

99.9% uptime SLA. 24/7 security monitoring. Breach notification within 72 hours as required by GDPR.

✓We never train our models on your data.

✓Evaluation run data is isolated per tenant with cryptographic separation.

✓You can delete all your data at any time — deletion is immediate and irrecoverable.

✓EU data residency is available for GDPR-sensitive deployments.

✓Sub-processors are listed in our DPA and reviewed quarterly.

✓Data retention defaults to 90 days; configurable to 1 day in Enterprise.

We're happy to provide our security questionnaire, SOC2 report, or pen test results under NDA.