Skip to main content

Security you can trust

We take security seriously. Your data is protected by enterprise-grade security measures and industry-leading compliance certifications.

Compliance & Certifications

Independently verified security and compliance standards.

SOC 2 Type II

Independently audited annually for security, availability, and confidentiality controls.

View details

GDPR Compliant

Full compliance with EU General Data Protection Regulation requirements.

View details

ISO 27001

Certified information security management system.

View details

HIPAA Ready

BAA available for healthcare organizations handling PHI.

View details

PCI DSS

Level 1 service provider for payment card data security.

View details

CCPA Compliant

California Consumer Privacy Act compliance for US customers.

View details

Security Features

Built-in security at every layer of our platform.

Encryption at Rest & Transit

All data is encrypted using AES-256 at rest and TLS 1.3 in transit. Your data is protected at every step.

Single Sign-On (SSO)

Enterprise SSO support with SAML 2.0 and OIDC. Integrate with Okta, Azure AD, Google Workspace, and more.

Role-Based Access Control

Granular permissions with custom roles. Control exactly who can access what in your organization.

Audit Logging

Comprehensive audit logs for all actions. Track who did what, when, and from where.

DDoS Protection

Enterprise-grade DDoS mitigation at the edge. Your applications stay online during attacks.

Vulnerability Scanning

Continuous security scanning and penetration testing. We find issues before attackers do.

Data Residency

Choose where your data lives. Available regions include US, EU, and Asia-Pacific.

Automatic Backups

Daily automated backups with point-in-time recovery. Your data is always safe.

Infrastructure Security

Our infrastructure runs on industry-leading cloud providers with SOC 2 and ISO 27001 certifications. We leverage their physical security, network security, and operational excellence.

All systems are deployed in private networks with strict firewall rules. Access to production systems requires multi-factor authentication and is logged for audit purposes.

We maintain a comprehensive disaster recovery plan with regular testing. Our infrastructure is designed for high availability with automatic failover across multiple availability zones.

Request Security Documentation

Security Contacts

Report a vulnerability

security@virex.example.com

Security questionnaires

compliance@virex.example.com

Bug bounty program

View program details →

Security FAQ

Common questions about our security practices.

How do you handle data encryption?
All data is encrypted at rest using AES-256 encryption and in transit using TLS 1.3. Encryption keys are managed through a dedicated key management service with automatic rotation.
Where is my data stored?
By default, data is stored in our US data centers. Enterprise customers can choose specific data residency regions including EU (Frankfurt), Asia-Pacific (Singapore), and additional US regions.
Do you offer a BAA for HIPAA compliance?
Yes, we offer Business Associate Agreements (BAA) for healthcare organizations on our Enterprise plan. Contact our sales team to discuss your HIPAA compliance requirements.
How often do you conduct security audits?
We undergo annual SOC 2 Type II audits by independent third-party auditors. We also conduct quarterly penetration tests and continuous vulnerability scanning.
What happens in case of a security incident?
We have a comprehensive incident response plan. Affected customers are notified within 72 hours of confirmed breaches. Our security team is available 24/7 to respond to incidents.
Can I request a security questionnaire or assessment?
Yes, we provide completed SIG, CAIQ, and custom security questionnaires for Enterprise customers. Contact our security team at security@virex.example.com.

Need more information?

Our security team is happy to discuss your specific requirements and provide additional documentation.

Contact Security Team