Security posture.
What is shipped, what is in progress, what is planned. Honest status, not a brochure.
last updated: 2026-05-15
- in progress
SOC 2 Type II
On track for completion in Q4 2026. Auditor selected. Controls implemented; observation period running.
- implemented
BYOK by default
Provider keys live in your environment. We do not store them. Managed billing is opt-in and uses a dedicated procurement subaccount.
- implemented
Encryption at rest and in transit
TLS 1.3 for all gateway traffic. AES-256 for stored telemetry and cache contents. Tenant-level key separation.
- implemented
Tenant isolation
Cache, telemetry, and policy state are tenant-scoped. No shared cache slots between accounts.
- implemented
Audit logs
All admin and key-management events logged with actor, time, and source IP. Exportable on the Scale plan.
- implemented
SSO and RBAC
Available on Scale and Enterprise. SAML, OIDC, and SCIM provisioning supported.
- implemented
Private deployment (VPC)
Enterprise option. Runs entirely inside your AWS, GCP, or Azure account. Bytevion has no plane-of-control access.
- planned
Penetration test
Annual third-party pentest. First engagement booked for Q3 2026, report shared under NDA.
- planned
ISO 27001
Targeted for 2027. Not on the current beta roadmap.
Report a vulnerability
Send reports to namaste@bytevion.com with the subject line “Security report”. We acknowledge inside 24 hours and target a fix or mitigation within 7 days for high-severity findings. We do not run a paid bounty during private beta, but we are happy to credit researchers in the changelog if you want.
Questionnaires and DPAs
We answer security questionnaires for procurement reviews and sign DPAs for EU customers. Send the form (or your vendor's questionnaire) to namaste@bytevion.com.