AES-256
Symmetric encryption of the in-memory document buffer.
TLS 1.3
Modern transport security with forward secrecy on all endpoints.
Cryptographic erasure
Buffer overwritten with zeros and released before report is sealed.
Tenant-scoped KMS
Per-workspace keys with rotation and audit logging.
OWASP-hardened API
Rate limiting, signed requests, strict CSP, replay protection.
Signed reports
Reports include a signature chain so tampering is detectable.
Compliance posture
ZeroVault is engineered to support these frameworks. Statements and reports are available under NDA from our trust team.
SOC 2 Type IIISO/IEC 27001GDPRHIPAAPCI-DSS alignedFedRAMP-ready
Request trust package