Built to pass your security review
Prodlytix is built with the controls your infosec team will ask for. AES-256 encryption at rest, TLS 1.3 in transit, RBAC, audit logging, and a SOC 2 Type II readiness program in progress. We provide a full security questionnaire on request.
Security practices
Encryption in transit and at rest
All data is transmitted over TLS 1.3. Event data is encrypted at rest using AES-256. Warehouse credentials are encrypted with a per-tenant KMS key — never stored as plaintext.
Role-based access control
Granular roles for admin, analyst, and viewer. Workspace isolation between organizations. SSO and SAML available on the Scale plan.
SOC 2 Type II program in progress
Prodlytix is designed with SOC 2 Type II controls. Our audit is in progress. We provide our security questionnaire and controls documentation on request.
Audit logging
All administrative actions and data access are logged. Audit logs are available to workspace admins and retained for 12 months.
Data minimization
Prodlytix processes only the events you explicitly send. No shadow profiling, no cross-customer data correlation. You control what we receive.
Vulnerability disclosure
We maintain a responsible disclosure policy. Security researchers may report vulnerabilities to [email protected]. We respond within 48 hours.
Security review? We'll make it easy.
We provide a full security questionnaire, controls documentation, and architecture diagrams on request.