SECURITY
Built for the
paranoid.
Alternus handles your mail, your files, your code — so security is the foundation, not a bolt-on. Here's how we keep it.
Compliance
SOC 2 Type II
Audited
ISO 27001
Audited
GDPR
Compliant
HIPAA
BAA available
CCPA
Compliant
TLS 1.3
Everywhere
Controls
/ 01
Encryption
AES-256 at rest, TLS 1.3 in transit. Per-workspace KMS keys for every tenant.
/ 02
Access control
Row-level isolation. SSO, SCIM, and role-based permissions on every plan.
/ 03
Audit logs
Every action, every agent query, every admin change — immutable, exportable.
/ 04
Incident response
Published runbook. 24/7 on-call. Status page updated in under 5 minutes.
/ 05
Penetration testing
Quarterly third-party pentests. Reports available under NDA on request.
/ 06
Responsible disclosure
security@alternus.ai · 7-day SLA for triage · bounty program for valid reports.