SECURITY

Your data security is our foundation.

We're building a security product — so we hold ourselves to the highest standard. Here's how we protect your data.

Encryption at Rest & in Transit

All credentials are encrypted using AES-256-GCM. All data in transit uses TLS 1.3. OAuth tokens are never stored in plaintext.

Tenant Isolation

Every customer's data is logically isolated. No cross-tenant data access is possible — even by our own team without explicit authorization.

Metadata Only

We never access the content of your emails, files, messages, or code. We only read access metadata — usernames, permissions, group memberships, and roles.

Minimal Permissions

We request only the minimum OAuth scopes required to read access data from your connected tools. No write access unless you explicitly enable offboarding actions.

Audit Logging

Every action in ViglaFort is logged — access grants, revocations, offboarding events, and administrative changes. Your full audit trail is always available.

Enterprise-Grade Auth

We support SSO, MFA, and enterprise identity providers out of the box — so your team logs in securely from day one.

Have a security question?

We take security inquiries seriously. Reach out and we'll respond within 24 hours.

[email protected] →