Enterprise-ready security for private markets

Security & Compliance

• SOC 2 Type II certified — Independently audited controls for security, availability, and confidentiality
• Regular penetration testing — Third-party security assessments and vulnerability scanning
• GDPR and CCPA compliant — Full data privacy compliance for LP and fund data
• ISO 27001 aligned — Information security management best practices

Data Protection for Fund Documents

• End-to-end encryption — Fund documents, LPAs, and portfolio data encrypted in transit and at rest
• Zero-trust architecture — Granular access controls for sensitive fund information
• Data residency options — Host LP and GP data in specific geographic regions for regulatory compliance
• Role-based access control — Limit visibility of fund performance and portfolio data by team role

Operational Security

• Multi-factor authentication (MFA) — Required for all user accounts
• SSO support — Integrate with Okta, Azure AD, and other enterprise identity providers
• Audit logs — Complete activity tracking for fund document access and analysis
• IP allowlisting — Restrict platform access to approved network ranges

Infrastructure & Availability

• AWS-hosted infrastructure — Enterprise-grade cloud platform with 99.9% uptime SLA
• Automated backups — Daily encrypted backups with point-in-time recovery
• DDoS protection — Cloudflare enterprise protection for platform availability
• Incident response — 24/7 monitoring and defined escalation procedures

AI & Model Security

• Private model instances — Fund data processed in dedicated, isolated AI environments
• No training on customer data — Your fund documents and portfolio data never train our models
• Data retention controls — Configurable retention policies for sensitive fund information
• Model output validation — Automated checks to prevent leakage of confidential fund data

Questions about security?

We're happy to discuss our security posture, share our SOC 2 report, or answer questions from your security team.