Security & compliance
Built for enterprise data trust
Customer data is encrypted, access-controlled, and audited. Floodlight aligns with SOC 2 controls and supports the privacy regimes our customers operate under.
Controls
Encryption
All customer data is encrypted in transit (TLS 1.2+) and at rest (AES-256).
Access control
Role-based access with least-privilege defaults; SSO via SAML or OIDC for enterprise customers.
Audit logging
All data access and configuration changes are logged and exportable.
Data residency
EU and US data residency available; default region selectable per tenant.
Compliance posture
- SOC 2 Type II - in progress
- GDPR - data processing addendum available; see /legal/dpa
- ISO 27001 - control mapping documented and available on request
Vulnerability reporting
Send security reports to [email protected]. We respond within 48 hours and publish a coordinated disclosure timeline.
Security questions?
Contact our team for a security review or to request our compliance documentation.