Security
Your data, protected.
Veribound handles sensitive financial and project data. We take that responsibility seriously with enterprise-grade security at every layer.
Built on secure foundations.
Cloud Platform
Hosted on Google Cloud Platform with SOC 2 Type II certification. Data centers with physical security, redundant power, and 24/7 monitoring.
Network Security
DDoS protection, Web Application Firewall (WAF), and intrusion detection systems protect against network-level attacks.
Isolation
Customer data is logically isolated. Role-based access controls ensure data is only accessible to authorized parties.
Encrypted everywhere.
In Transit
All data transmitted over TLS 1.3. We enforce HTTPS across all services with HSTS headers.
At Rest
AES-256 encryption for all stored data. Encryption keys are managed through Google Cloud KMS with automatic rotation.
Backups
Automated daily backups with point-in-time recovery. Backup data is encrypted and stored in geographically separate regions.
Secure by design.
Authentication
Firebase Authentication with support for multi-factor authentication. Secure session management with automatic timeout.
Authorization
Fine-grained permissions ensure users can only access data they're authorized to view. Project-level access controls.
Audit Logging
Comprehensive audit logs track all sensitive operations. Logs are immutable and retained for compliance purposes.
Meeting industry standards.
PCI DSS
Payment processing through Stripe, a PCI Level 1 Service Provider. We never store full card numbers.
GDPR & CCPA
We support data subject rights including access, correction, deletion, and portability requests.
Regular Audits
Annual penetration testing by third-party security firms. Continuous vulnerability scanning.
Found a vulnerability?
We appreciate responsible disclosure. If you discover a security issue, please report it to security@veribound.ai. We'll investigate promptly and keep you informed.
Contact our security team