Company

Security at Veridexa

This page is maintained by Veridexa to describe the controls we currently operate. It is not a certification — for compliance artifacts and questionnaires, contact our team.

Protecting customer data

Encryption in transit

All traffic to Veridexa endpoints is served over TLS 1.2+.

Encryption at rest

Documents and derived data are encrypted at rest using AES-256.

Least-privilege access

Access to production data is scoped, logged, and reviewed on a rolling basis.

Isolated environments

Development, staging, and production run in separate environments with separate credentials.

Secure development

Changes flow through code review, automated testing, and dependency scanning before reaching production. We track and patch vulnerabilities in third-party dependencies on a regular cadence.

Reporting a vulnerability

If you believe you have found a security issue, please email security@veridexa.io. We acknowledge reports within two business days.

More