Security & Data Protection

Security at Veriti Spottr

Veriti Spottr is built with security-first principles. This page summarizes how we protect customer data, operate responsibly, and reduce exposure while delivering actionable cyber risk insights.

Cloud Infrastructure

Veriti Spottr is hosted on Amazon Web Services (AWS) and leverages secure, modern cloud infrastructure designed for reliability and strong security controls.

Secure cloud foundation with physical and environmental protections provided by AWS.
Managed services where appropriate to reduce operational risk and maintain consistency.
Defense-in-depth architecture principles across network, identity, and application layers.

Note: AWS provides independently audited infrastructure controls. When we reference AWS audits, we’re describing the underlying cloud platform—not claiming a certification for Veriti Spottr itself.

Encryption & Data Protection

We use industry-standard safeguards to help protect customer data in transit and at rest.

Encryption in transit (TLS) for communications between browsers, APIs, and services.
Encryption at rest for stored data using modern cryptographic standards.
Logical isolation to keep customer data separated and access controlled.

Security is a shared responsibility: customers control their own accounts, credentials, and administrative access.

Access Controls & Least Privilege

We follow least-privilege principles for system access and operational workflows.

Production access is restricted to authorized personnel with a legitimate business need.
Access is reviewed and removed when no longer required.
System activity is logged to support auditing and incident investigation.

Product Security Model

Veriti Spottr is designed to minimize invasive data collection and reduce operational complexity.

No endpoint agents required for many core use cases.
On-demand analysis initiated by the customer.
Focus on externally observable security signals and prioritized remediation guidance.

We aim to collect only what is necessary to deliver the service and produce actionable risk insight.

Secure Development & Operations

We incorporate security into the development lifecycle and operations. Practices may evolve as the platform matures, but our approach is consistent: reduce risk, ship responsibly, and monitor actively.

Secure coding practices and peer review during development.
Change management discipline to reduce deployment risk.
Monitoring and logging to support detection and response.

Responsible Disclosure

If you believe you’ve identified a security issue, we want to hear from you. Please report potential vulnerabilities privately and include enough detail to reproduce the issue.

Email: security@veritispottr.com
We will acknowledge receipt and work with you to validate and remediate.

Request Founding Customer Access Read our Trust Principles