Summarize certifications, encryption, access control, monitoring, pen tests, and tiered breach SLAs buyers cite in questionnaires — bookmark for audits.
The security program outlines certification posture — Standard Contractual Clauses for EEA/UK/CH transfers, SOC2 Type II in flight, ODNI CAI alignment for sensitive categories — alongside concrete technical controls covering TLS/HSTS transit, CSP baselines, AES-256 class storage encryption, MFA, RBAC with quarterly entitlement reviews, pen-test cadence, and centralized logging expectations.
For coordinated vulnerability reporting see SECURITY.md + security.txt.