Security

Honest security, not theater.

We do not yet carry SOC 2 or ISO 27001 attestations — the readiness work is underway and we will publish the report when it is real. In the meantime, here is exactly how the platform is built.

Practices in place today

Encryption in transit and at rest

All traffic is served over TLS 1.3. Application data and backups are encrypted at rest with AES-256, using keys managed by our hosting and database providers.

Least-privilege access

Production access is scoped per role, audited, and gated by multi-factor authentication. Engineers ship through reviewed pull requests — no one SSHes into prod.

Row-level security on every table

The platform runs on Postgres with row-level security policies on every user-scoped table. A breach of application logic should not translate into a breach of the data layer.

Dependency and code review

Automated dependency scanning runs on every build. Security-sensitive code paths — authentication, payments, permissions — require a second reviewer before merge.

Privacy by design

We collect what we need to operate the service and nothing more. Users can export or delete their data at any time. We will never sell user data — that is not our business.

Disclosure and incident response

If something goes wrong, we will tell affected users directly and publicly, without spin. Security researchers can report issues responsibly to security@scalednative.com.

On the roadmap

SOC 2 Type I readiness work is in progress. The Type II observation window will open once we have a steady enterprise customer base — pursuing it earlier adds cost without adding real assurance.

An annual third-party penetration test is planned ahead of our first enterprise engagements. We will make the scope and remediation summary available to prospective customers under NDA.

A formal sub-processor list, Data Processing Agreement, and vendor security questionnaire response pack are available on request for procurement teams.

Reporting a vulnerability

If you believe you have found a security issue, please email security@scalednative.com with a clear description and, if applicable, a proof of concept. We will acknowledge within two business days and keep you informed through remediation. We do not pursue researchers who act in good faith.

Procurement or enterprise questions