CyberX · Trust & Security

Your data, secured by default

CyberX protects your configuration and change data with strong encryption, strict access controls, and daily backups, so the systems you rely on stay secure and available.

Encryption in transit & at restDaily backupsCloud data centerMFA-enforced access
TLS 1.3Encrypted connections
AES-256Encryption at rest
DailyEncrypted backups
MFAEnforced on all access
Platform security

A layered approach to protecting your data

CyberX applies defense-in-depth across the stack. Encryption, tenant isolation, access control, monitoring, and daily backups work together so no single gap exposes your data.

End-to-end encryption

Data is encrypted in transit with TLS 1.3 and at rest with AES-256, keeping it protected at every stage.

Tenant isolation

Every customer’s data is isolated at the database schema level, keeping your environment separate from all other tenants on the platform.

Access control

Role-based, least-privilege access with enforced MFA ensures only authorized users can reach your data.

Monitoring & audit logging

Access and configuration changes are logged and monitored, with alerting on anomalous activity.

Daily backups

Encrypted backups run daily on a rolling 90-day history, enabling reliable recovery of your configuration data.

Cloud data center

CyberX runs in a secure cloud data center, keeping your configuration data on professionally managed and monitored infrastructure.

Infrastructure

Hosted in a secure cloud data center

CyberX runs in a cloud data center on professionally managed infrastructure, maintained and monitored to modern operational and security standards.

  • Cloud data centerInfrastructure is maintained, patched, and monitored to modern operational standards.
  • Database-level tenant isolationCustomer data is separated at the database schema level.
  • Daily encrypted backupsBackups run every day on a rolling 90-day history, stored securely for reliable recovery.
  • TLS everywhereEvery connection is encrypted with modern TLS.

At a glance

HostingCloud data center
IsolationDatabase schema
BackupsDaily
Backup history90 days
EncryptionTLS + at rest
AccessMFA enforced

Data protection

  • Encryption in transit & at restTLS on the wire, AES-256 on disk.
  • Secure credential handlingSecrets isolated from application code and logs.
  • Least-privilege accessAccess scoped to operational necessity.
Data ownership

You own and control your data

CyberX processes only the data required to detect and manage firewall changes. Your data is never sold or shared with third parties.

  • Transparent data handlingWe store only your configuration and change history, nothing else.
  • Clear retention periodsConfiguration backups are kept on a rolling 90-day history, and change records and audit logs are retained for 12 months.
  • Deleted when you leaveIf you close your account, your data is permanently deleted within 30 days.
  • Export & deletion on demandRequest a full data export or permanent deletion at any time.
Compliance

Compliance & certifications

We maintain a transparent security posture and support your due-diligence process. Request current documentation, and we’ll complete your vendor security assessment.

SOC 2 Type IActive
SOC 2 Type IIIn progress
ISO 27001In progress
Vendor assessmentsOn request
FAQ

Security questions, answered

Where is my data hosted?
CyberX is hosted in a secure cloud data center, on infrastructure that is professionally maintained, patched, and monitored.
How is my data encrypted?
All data is encrypted in transit with TLS 1.3 and at rest with AES-256. Backups are encrypted as well.
How is my data kept separate from other customers?
Each customer’s data is isolated at the database schema level, so your environment is logically separated from every other tenant on the platform.
How long do you retain my data?
Configuration backups are kept on a rolling 90-day history. Change records and audit logs are retained for 12 months by default. If you close your account, your data is permanently deleted within 30 days.
Who can access my data?
Access is role-based and least-privilege, protected by enforced MFA, and fully logged and auditable.
Which certifications do you hold?
CyberX holds SOC 2 Type I, which is currently active. SOC 2 Type II and ISO 27001 are both in progress. We’re happy to share documentation and complete vendor security assessments on request.
How are security incidents handled?
The platform is continuously monitored and backed up daily. In the event of an incident affecting your data, impacted customers are notified promptly.
Trust & Security

Have questions about our security?

Request our security documentation, or connect with our team to discuss your requirements.