Trust & Security Center

Security You Can Trust

Transparency is at the core of what we do. Learn about our certifications, security practices, and commitment to protecting your data.

SOC 2 Type II
ISO 27001
HIPAA Compliant
PCI-DSS Level 1

Certifications & Compliance

We maintain the highest industry standards and certifications to ensure your data is protected.

Certified

SOC 2 Type II

January 2024
Valid until January 2025

SentryNix has successfully completed a SOC 2 Type II audit, demonstrating our commitment to security, availability, processing integrity, confidentiality, and privacy.

Annual independent audit by certified CPA firm
Comprehensive controls testing over 12-month period
Zero control deficiencies identified
Continuous monitoring and improvement processes

Certified

ISO 27001:2022

March 2024
Valid until March 2027

International standard for information security management systems (ISMS), demonstrating our systematic approach to managing sensitive company and customer information.

Internationally recognized security framework
Risk-based approach to information security
Regular surveillance audits
Comprehensive documentation and policies

Compliant

HIPAA Compliance

Ongoing

Full compliance with the Health Insurance Portability and Accountability Act requirements for protecting sensitive patient health information.

Business Associate Agreements (BAA) available
Technical, physical, and administrative safeguards
Breach notification procedures
Regular risk assessments

Certified

PCI-DSS Level 1

February 2024
Valid until February 2025

Highest level of Payment Card Industry Data Security Standard certification for organizations processing over 6 million transactions annually.

Quarterly network scans by Approved Scanning Vendor
Annual on-site audit by QSA
Strict network segmentation and encryption
Continuous compliance monitoring

Compliant

GDPR Ready

Ongoing

Full compliance with the EU General Data Protection Regulation for protecting EU citizens' personal data and privacy rights.

Data Processing Agreements (DPA) available
Right to erasure and data portability
Privacy by design and default
EU representative appointed

Compliant

CCPA Compliant

Ongoing

Compliance with the California Consumer Privacy Act, protecting California residents' personal information.

Consumer rights respected (access, deletion, opt-out)
Transparent privacy practices
No sale of personal information
Regular compliance assessments

Security Practices

Our comprehensive security controls protect your data at every level.

Encryption

AES-256 encryption at rest, TLS 1.3 in transit

  • All data encrypted with AES-256-GCM
  • TLS 1.3 for all network communications
  • Hardware Security Modules (HSMs) for key management
  • Automated key rotation every 90 days

Access Control

Zero trust architecture with MFA and RBAC

  • Mandatory multi-factor authentication
  • Role-based access control (RBAC)
  • Principle of least privilege enforced
  • Session management and timeout controls

Infrastructure Security

SOC 2 certified cloud infrastructure

  • AWS infrastructure with SOC 2 compliance
  • Isolated production environments
  • DDoS protection and WAF
  • Regular security patching

Monitoring & Logging

24/7 security monitoring and incident response

  • Real-time security event monitoring
  • Centralized logging with 1-year retention
  • Automated threat detection
  • Incident response team on-call 24/7

Vulnerability Management

Continuous security testing and patching

  • Quarterly penetration testing
  • Weekly vulnerability scans
  • Bug bounty program
  • Responsible disclosure policy

Employee Security

Background checks and security training

  • Background checks for all employees
  • Annual security awareness training
  • Secure development lifecycle (SDL)
  • Confidentiality and NDA agreements

Independent Audits & Testing

Regular third-party security assessments validate our security controls.

Q1 2024 Penetration Test

Bishop Fox
March 2024
Passed

Comprehensive external and internal penetration test covering web applications, APIs, and infrastructure. Zero critical vulnerabilities identified.

Critical: 0 | High: 0 | Medium: 2 | Low: 5 | Info: 12

2024 SOC 2 Type II Audit

Deloitte
January 2024
Passed

12-month audit of security, availability, and confidentiality controls. All control objectives met with zero exceptions.

Critical: 0 | High: 0 | Medium: 0 | Low: 0 | Info: 0

2024 ISO 27001 Certification

BSI Group
March 2024
Certified

Comprehensive assessment of the information security management system. Certification granted for a 3-year period.

Critical: 0 | High: 0 | Medium: 0 | Low: 0 | Info: 0

Security Questions or Concerns?

Our security team is here to help. Contact us for security inquiries, vulnerability reports, or compliance documentation.

For vulnerability reports, please use our responsible disclosure process at sentrynix.com/security/disclosure