Security at Granite

We take security seriously. Learn about the measures we take to protect your data and maintain the integrity of our platform.

Data Protection

Your data is encrypted and protected at every stage

  • AES-256 encryption for data at rest
  • TLS 1.3 for all data in transit
  • Encrypted database backups
  • Secure key management with rotation

Infrastructure Security

Enterprise-grade cloud infrastructure and monitoring

  • Hosted on SOC 2 compliant cloud providers
  • Regular security audits and penetration testing
  • DDoS protection and rate limiting
  • Automated vulnerability scanning

Compliance

Meeting industry standards and regulations

  • SOC 2 Type II certification in progress
  • GDPR compliant data handling
  • Regular third-party security assessments
  • Privacy-by-design architecture

Access Control

Fine-grained permissions and authentication

  • Role-based access control (RBAC)
  • Multi-factor authentication support
  • Session management and timeout
  • Audit logging for all actions

Vulnerability Reporting

We believe in responsible disclosure. If you discover a security vulnerability in our platform, please report it to us privately.

Report a Vulnerability

Please email us with details of the vulnerability:

security@granitesecurity.io

We aim to respond to all reports within 48 hours and will keep you updated on our progress.