Enterprise Security

Security is foundational

Your AI data is sensitive. We treat security as a first-class feature, not an afterthought. SOC 2 Type II certified, GDPR compliant, and built for enterprise.

Certified

SOC 2 Type II

Independently audited for security, availability, and confidentiality.

Compliant

GDPR

Full compliance with European data protection regulations.

Compliant

CCPA

California Consumer Privacy Act compliant.

Enterprise

HIPAA

Healthcare data protection compliance available for enterprise.

Security Features

Enterprise-grade security built into every layer of our platform.

Encryption at Rest

All data is encrypted using AES-256 encryption at rest.

Encryption in Transit

TLS 1.3 encryption for all data in transit. HTTPS only.

Infrastructure Security

Hosted on AWS with enterprise-grade physical security.

Access Controls

Role-based access control (RBAC) with SSO/SAML support.

Audit Logging

Complete audit trail of all account activities.

Incident Response

24/7 security monitoring with <1 hour response SLA.

Security Practices

How we protect your data and maintain our security posture.

Secure Development

  • Code reviews required for all changes
  • Automated security scanning in CI/CD
  • Dependency vulnerability monitoring
  • Regular penetration testing by third parties

Data Protection

  • Data isolation between customers
  • Automatic data anonymization options
  • Configurable data retention policies
  • EU data residency available

Access Management

  • Multi-factor authentication (MFA)
  • Single sign-on (SSO) with SAML 2.0
  • API key rotation policies
  • IP allowlisting for enterprise

Operational Security

  • Employee background checks
  • Security awareness training
  • Principle of least privilege
  • Quarterly access reviews

Security FAQ

Common questions about our security practices.

Where is my data stored?

By default, data is stored in AWS us-east-1. Enterprise customers can choose EU (eu-west-1), Asia-Pacific (ap-northeast-1), or other regions for data residency requirements.

How long do you retain my data?

Retention periods vary by plan: Free (7 days), Pro (30 days), Team (90 days), Enterprise (custom). You can configure shorter retention or export data for longer storage.

Do you train AI models on my data?

No. We never use your data to train AI models. Your traces, prompts, and outputs are yours alone. We only process data as necessary to provide our service.

Can I get a copy of your SOC 2 report?

Yes. Our SOC 2 Type II report is available under NDA for customers and prospects. Contact security@intercept.ai to request a copy.

How do I report a security vulnerability?

Please email security@intercept.ai with details. We have a responsible disclosure program and will respond within 24 hours. Critical issues are eligible for bounty rewards.

Need more information?

Request our security documentation, SOC 2 report, or schedule a call with our security team.

Contact Security Team