We transparently share how we protect customer logs, A.I. data flow and operational controls.
In multi-tenant architecture, each customer data is logically separated. Panel queries work with tenant scope; Customers cannot see each other's logs.
Forensic bundle outputs are signed with HMAC-SHA256. Hash verification can be done with the manifest file. Detail: 5651 compliance pages.
Don't be in the default installationlocallyworks; log texts are not sent to cloud LLM. If cloud A.I. is turned on, it is clearly stated in the contract.
Role-based authorization (RBAC), optional 2FA (TOTP), session time out and audit trail (who did what).
For responsible disclosure info@atriateknoloji.com — PGP key on request. In case of critical vulnerabilities, the first response is targeted within 72 hours.
On-prem or customer-controlled VPS/DC installation is supported. Regular backup and update windows are implemented in the Shared SaaS environment.