Overview
Security is foundational to everything we build at Sagen. Geospatial data is often sensitive - it can reveal facility locations, infrastructure layouts, population patterns, and operational details. We treat every byte of your data with the seriousness it deserves.
Infrastructure
- Hosted on SOC 2 Type II certified cloud infrastructure
- All data encrypted in transit (TLS 1.3) and at rest (AES-256)
- Network isolation with private VPCs and security groups
- Automated vulnerability scanning and patch management
- DDoS protection and rate limiting at the edge
Access control
- Role-based access control (RBAC) with granular permissions
- SSO/SAML integration for enterprise customers
- Multi-factor authentication (MFA) support
- Audit logging for all data access and administrative actions
- Principle of least privilege enforced across all internal systems
Compliance
Sagen is pursuing SOC 2 Type II certification and is designed to support FedRAMP authorization workflows. Our on-premises deployment option supports ITAR, air-gapped environments, and other regulatory requirements.
Responsible disclosure
If you discover a security vulnerability in Sagen, we appreciate your help in disclosing it responsibly. Please report vulnerabilities to:
We will acknowledge receipt within 24 hours and provide an initial assessment within 72 hours. We do not pursue legal action against good-faith security researchers.