Security at PerceptEye
At PerceptEye, security is not an afterthought. It is built into every layer of our platform. We take the protection of your business data, workflows, and integrations seriously, and continuously invest in safeguards that meet the demands of enterprise and developer environments.
Enterprise-grade infrastructure
PerceptEye's infrastructure is hosted on enterprise-grade cloud providers with physically secured, SOC 2-compliant data centers. All services run in isolated environments with strict network segmentation, firewall policies, and intrusion detection systems actively monitoring for anomalous activity.
End-to-end encryption
All data transmitted to and from the PerceptEye platform is encrypted in transit using TLS 1.2 or higher. Data stored within our systems is encrypted at rest using AES-256 encryption. Encryption keys are managed through dedicated key management services and rotated on a regular schedule.
Role-based access control
Access to PerceptEye systems is governed by role-based access control (RBAC) policies. All internal access to production environments requires multi-factor authentication (MFA) and is logged for audit purposes. Principle of least privilege is enforced across all teams. No employee has broader access than their role requires.
Secure API interactions
All API interactions are authenticated using secure token-based mechanisms. Rate limiting, request validation, and abuse detection are applied at the API gateway level to protect against unauthorized use, injection attacks, and denial-of-service attempts. API keys and secrets are never logged or stored in plaintext.
Complete isolation
Each workflow and agent deployment operates within isolated execution environments. PerceptEye ensures that one customer's data, configurations, and agent behavior cannot influence or be accessed by another. Inter-service communications within the platform are authenticated and authorized at every step.
Secure integrations
When connecting PerceptEye agents to third-party services, integrations are established using OAuth 2.0 or equivalent secure authorization protocols. PerceptEye does not store third-party credentials in plaintext and applies the minimum required permission scopes for each integration.
Proactive security testing
PerceptEye conducts regular vulnerability assessments and penetration testing through independent security researchers. Our engineering team maintains a responsible disclosure program and follows a structured patch management process to remediate identified risks in a timely manner.
Formal incident response
PerceptEye maintains a formal incident response plan. In the event of a security incident affecting your data, we will notify impacted customers in accordance with applicable legal obligations and our Data Processing Agreement. Post-incident reviews are conducted to identify root causes and prevent recurrence.
Security-first culture
All PerceptEye employees undergo security awareness training as part of onboarding and on an ongoing basis. Access to sensitive systems is reviewed quarterly and revoked promptly upon offboarding.
Standards alignment
Our security practices are aligned with SOC 2 Type II, GDPR, and CCPA requirements. Enterprise customers may request access to our security documentation, audit reports, or a completed security questionnaire by contacting us directly.
Security inquiries?
For security-related inquiries or to report a vulnerability, please contact us.