Security
At CaliberX, we prioritize your security. We have implemented robust measures to ensure the safety and integrity of your data.
Continuous Security Monitoring
At CaliberX, we are committed to ensuring the highest level of security for our users. Our journey towards achieving this goal is ongoing, and we are continuously implementing and improving our security measures.
Present: Real-Time Security Monitoring
We currently have real-time security monitoring in place for our API infrastructure. This proactive approach allows us to promptly detect and address any potential threats or breaches, ensuring the safety and integrity of your data.
Near Future: SOC2 Type 1 Certification
Our next milestone is achieving SOC2 Type 1 certification. We are diligently working towards this goal, which will further validate our commitment to maintaining robust security controls.
Ongoing: GDPR Compliance
In addition to our certification goals, we are continuously working on maintaining and improving our GDPR processes. We are committed to protecting your personal data and upholding the principles of the General Data Protection Regulation (GDPR). Our compliance with GDPR is ongoing, and we are working towards official certification.
End of Year: SOC2 Type 2 Certification
By the end of the year, we aim to achieve SOC2 Type 2 certification. This certification will demonstrate that we have not only established effective security controls but that those controls have been tested over time and have proven to be effective.
SEC Regulated Fund Structures
Our fund structures are regulated by the Securities and Exchange Commission (SEC), ensuring compliance with stringent security standards.
Resilient Security at Every Layer
Our security measures extend to every layer of our stack. This includes:
PII Data Protection: We take the utmost care to protect your personally identifiable information (PII).
KMS Data Encryption: All data is encrypted using Key Management Service (KMS) to prevent unauthorized access.
Data Isolation and Backups: We isolate data and maintain regular backups to prevent data loss and ensure data integrity.
Secure API Infrastructure: Our API infrastructure is designed with security in mind, preventing unauthorized access and data breaches.
Cloud Threat, Fraud, and WAAP Armor: We have measures in place to protect against cloud threats, fraud, and web application and API protection (WAAP) attacks.
Tenant Isolation, AE-256 TLS Data in Transit, and mTLS Auth: We isolate tenant data and use AE-256 TLS for data in transit, along with mutual TLS (mTLS) authentication for added security.
Infrastructure Elevated Access Control: We have strict access controls in place for our infrastructure to prevent unauthorized access.
Pen Testing
We work with Hackerone to conduct periodic penetration testing
Last updated