Trust Center
Everything procurement asks for, in one place.
Reports, certificates, legal templates, SBOMs, subprocessor lists. If your team needs it to close the deal, it's here. Most items are gated by NDA — request via the portal.
SOC 2 Type II report (2025)
NDA required · 94 pages
ISO 27001:2022 certificate
Issued: Mar 2026 · BSI
Annual penetration test summary
Bishop Fox · Feb 2026
Red-team exercise (Q4 2025)
Partner: NCC Group
Data Processing Agreement (DPA)
GDPR · CCPA compliant
Business Associate Agreement (BAA)
HIPAA · Enterprise+
Master Services Agreement
Enterprise template
Subprocessor list
Last updated Apr 2026
SBOM — Guardra v2.4.0
CycloneDX · Sigstore signed
Service Level Agreement
99.99% Enterprise & Premium
Subprocessors
30-day advance notice before any change · email alerts on /contact
| Subprocessor | Purpose | Data region |
|---|---|---|
| AWS | Infrastructure · data processing | US · EU · APAC |
| GCP | LLM inference · vector storage | US · EU |
| Cloudflare | Edge · DDoS protection | Global |
| Anthropic | LLM-as-judge (opt-in) | US |
| OpenAI | LLM-as-judge (opt-in) | US |
| Stripe | Billing | US |
| Auth0 (Okta) | Authentication | US · EU |
| Sentry | Error monitoring (scrubbed) | US |
Public status page
99.99% rolling 90-day uptime · updated in real time