Built to protect what you govern
Amanvi handles sensitive compliance data. We design every layer — from infrastructure to access controls — to keep your inventory, assessments, and evidence secure.
Tenant isolation
Every customer's data lives in a strictly isolated tenant boundary at the database level. We do not share data across customers, use it to train models, or expose it to other tenants under any circumstance.
Encryption
All data is encrypted in transit with TLS 1.3 and at rest using AES-256. API keys, tokens, and credentials are stored with additional field-level encryption.
Infrastructure
Amanvi runs on modern cloud infrastructure with automated patching, DDoS protection, and continuous monitoring. Our production environment is hardened and audited for common misconfigurations.
Access controls
Role-based access inside your workspace. Admins, editors, and viewers each see only what they need. Multi-factor authentication is enforced for all accounts.
Compliance posture
We are designing Amanvi to meet SOC 2 Type II and ISO 27001 standards. We maintain detailed audit logs, conduct regular penetration tests, and follow secure development lifecycle practices.
Responsible disclosure
If you discover a vulnerability, please contact us at security@amanvi.io. We respond to all reports within 24 hours and coordinate fixes transparently.