AtlasAI
Security First

Your data is protected
at every layer

AtlasAI is built with enterprise security requirements from day one. Encryption, isolation, auditability, and compliance โ€” not bolt-ons.

๐Ÿ”’

SOC 2 Type II

Annual audit covering security, availability, and confidentiality trust service criteria.

๐Ÿ“‹

ISO 27001

Information security management system certified by accredited third-party auditors.

๐Ÿ‡ช๐Ÿ‡บ

GDPR Compliant

Data residency controls, right-to-erasure, and DPA available for EU customers.

๐Ÿฅ

HIPAA Ready

BAA available for healthcare customers with applicable workloads.

๐Ÿ’ณ

PCI DSS

Scoped deployment options for customers in payment card environments.

๐Ÿ›ก๏ธ

Penetration Tested

Annual third-party penetration tests with findings remediated before public disclosure.

Infrastructure Security

  • โœ“
    Encryption at rest
    AES-256 encryption for all stored data; customer-managed keys available on Enterprise plan.
  • โœ“
    Encryption in transit
    TLS 1.3 enforced for all connections; HSTS enabled on all endpoints.
  • โœ“
    Network isolation
    Tenant data stored in dedicated schemas; no cross-tenant data access by design.
  • โœ“
    Audit logging
    Immutable audit trail for all API calls, AI decisions, and automated actions.
  • โœ“
    Vulnerability management
    Continuous dependency scanning; CVEs patched within 24h for critical severity.

Access Controls

  • โœ“
    SSO / SAML 2.0
    Native integration with Okta, Azure AD, Google Workspace, and any SAML 2.0 IdP.
  • โœ“
    SCIM provisioning
    Automated user lifecycle management; users deprovisioned immediately on IdP revocation.
  • โœ“
    Role-based access
    Granular RBAC with custom roles; least-privilege defaults for all system roles.
  • โœ“
    MFA support
    Multi-factor authentication via SSO-enforced MFA (Okta, Azure AD, Google Workspace). Native TOTP enforcement coming in Q3 2026.
  • โœ“
    Session controls
    Configurable session timeouts; remote session invalidation for incident response.

Report a Vulnerability

We operate a responsible disclosure program. If you discover a security vulnerability in AtlasAI, please report it to security@atlastechlab.com. We respond within 24 hours and credit researchers in our hall of fame.

Our security team follows a 90-day coordinated disclosure policy aligned with industry standards.

Need our security documentation for your vendor review?

Request Security Docs