SECURITY & GOVERNANCE

Federal-Grade Security & Compliance

Advanced AI infrastructure architected for the strict demands of the public sector. Fully aligned with FedRAMP frameworks to ensure mission integrity.

Compliance Pulse
FedRAMP Alignment: Active
NIST 800-53 Controls: Active
AES-256 Encryption: Active
Data Breaches: 0
Monitoring: 24/7

FedRAMP Aligned: NIST 800-53 controls
Encryption: AES-256 & TLS 1.3
US Data Residency: AWS US-East-1
Audit Trails: Complete change tracking

Security Architecture

Foundational Pillars of Trust

Our security architecture is built on four core principles that ensure data integrity and support compliance.

Data Residency

All federal data is stored exclusively within US cloud environments, ensuring jurisdictional compliance with federal requirements.

AWS US-East-1 (Virginia)
FIPS 140-2 validated transit
Supabase US region

Uncompromising Encryption

All data is protected with industry-leading encryption standards, both at rest and in transit, with no exceptions.

AES-256 encryption at rest
TLS 1.3 in transit
Key management via AWS KMS

Identity Management

Supports RBAC, directory provisioning, and enterprise SSO integrations to control access at every level.

Role-based access control (RBAC)
Enterprise SSO support
Multi-factor authentication

Independent Audits

Working toward SOC 2 Type II certification and annual penetration testing to provide objective validation of our security posture.

SOC 2 Type II (in progress)
Annual penetration testing
Continuous vulnerability scanning

Shared Responsibility

Shared Responsibility Model

Security at Propivix is a partnership. We manage the security of the infrastructure, while customers maintain control over their data and access configurations.

Physical Security

AWS operates SOC 2-compliant data centers with 24/7 physical security, biometric access, and environmental controls.

Network Isolation

Virtual private cloud (VPC) isolation with security groups and network access control lists to segment workloads.

System Hardening

Our platform employs multiple hardening layers including CIS benchmarks, automated patching, and continuous vulnerability scanning to reduce the attack surface.

Continuous Monitoring

Real-time security information and event management (SIEM) with automated threat detection, log aggregation, and incident response procedures.

Access Governance

Principle of least privilege applied across all systems, with periodic access reviews and just-in-time privileged access management.

Audit Logging

Comprehensive audit trails for all user and system actions, with tamper-evident logging and configurable retention policies.

Ready to Secure Your Intelligence?

Download our comprehensive security pack, including FedRAMP alignment documents, architecture overviews, and risk assessment resources.

US-hosted. FedRAMP-aligned. NIST 800-53 controls by design.