Security & Privacy

Your trust and data security are our highest priority. Learn about our security practices and compliance.

Compliance & Certifications

SOC 2 Type II

Annual security audit certification

GDPR

EU data protection compliance

Our Security Principles

How we protect your data and ensure platform integrity

Encryption Everywhere

All data is encrypted in transit using TLS 1.3 and at rest using AES-256. Your sensitive information is always protected.

Zero-Trust Architecture

Every request is authenticated and authorized. We follow the principle of least privilege across our entire infrastructure.

Secure Infrastructure

Hosted on enterprise-grade cloud infrastructure with multiple availability zones, automated backups, and disaster recovery.

Regular Audits

We undergo regular third-party security audits, penetration testing, and vulnerability assessments.

Enterprise Security Features

Suger provides comprehensive security controls to meet the most demanding enterprise requirements.

Single Sign-On (SSO) with SAML 2.0
Multi-factor authentication (MFA)
Role-based access control (RBAC)
Audit logging for all actions
IP allowlisting
Session management and timeout
API key rotation
Webhook signature verification

Responsible Disclosure

We value the security community's efforts in helping keep Suger and our users safe. If you discover a vulnerability, we encourage you to report it responsibly.

Our Commitments

Acknowledge all reports within 48 hours
Keep reporters informed of remediation progress
No legal action against good-faith researchers
Coordinate on disclosure timelines

What We Ask

Provide sufficient detail to reproduce the issue
Allow reasonable time before public disclosure
Avoid disrupting services or accessing others' data

Have security questions?

Our security team is here to help. Request our security documentation or schedule a review.