Security practices

Current security posture and scope of controls available today.

Data encryption

Traffic between browsers and InspectIQ is encrypted in transit using TLS. Stored data relies on encryption-at-rest controls provided by managed cloud infrastructure.

Authentication

User authentication is session-based with token-backed server validation. Multi-factor authentication is not available yet.

Tenant isolation

Workspace boundaries are enforced through role checks and database-level access controls so users only access authorized data.

Logging

Operational and security-relevant events are logged for troubleshooting and review, including key account and sharing actions.

Backups

Backup and recovery controls are currently in progress for formal customer-facing recovery objectives.

Vulnerability management

Dependencies and runtime components are updated through regular maintenance cycles and monitored release workflows.

Security questions: angus@inspectiq.me