Security & Compliance

Security at Vectrix

At Vectrix, the security of our users will always be our top priority
Vectrix is a security platform founded and operated by a team of security engineers. At our core, security is not just something we do - It's who we are.
On this page you'll find a high-level overview of the processes, procedures, and other technologies we’ve put in place to ensure the security of our users and platform.
If you have any other questions about our security practices, or need to get in touch, email us at
Infrastructure Security
Infrastructure security one-liner description here.
Vectrix is hosted in the cloud and is backed by AWS' world-class security measures.
24/7 monitoring
We scan and continuously monitor our entire infrastructure using Vectrix.
SOC 2 compliant
Vectrix is SOC 2 Type I compliant.. Our AWS cloud infrastructure is fully compliant with SOC 2, ISO 27001, and GDPR.
Product Security
Infrastructure security one-liner description here.
Single sign-on and multi-factor authentication provide additional account security.
Role-based access control allows admins to follow the principle of least privilege.
Workspace segmentation
Environments are segmented to prevent cross-account risk.
Network Security
Network security one-liner description here.
DDoS protection
We use Cloudflare to protect against Distributed Denial-of-Service (DDoS) attacks.
Network monitoring
We scan and continuously monitor network traffic and activity using Vectrix scans.
Security groups
AWS Security Groups are used to control lateral, inbound, and outbound network traffic.
Security Practices
Secure development one-liner description here.
Secure development
We maintain a secure SDLC with enforced peer reviews on every commit.
Security trainings
All new employees are trained in security best practices and are retrained annually.
Security policies
We maintain and apply security policies, reflecting our commitment to security.
Data Security
Data security one-liner description here.
Data is encrypted-in-transit using TLS 1.2. Data is encrypted-at-rest with AES.
We back up, encrypt, and regularly test the restoration of critical assets.
Data retention
We retain user data for no more than 90 days following requests for account deletion.
Payment Processing
Payment processing one-liner description here.
Pay with Stripe
All payment processing is managed by Stripe, a PCI Level 1 Service Provider.
Responsible Disclosure
Find a potential security issue? Let us know by reporting it to us.
Discover why IT and Security teams rely on Vectrix to keep their SaaS tools secure.
Vectrix helps us identify shared files, insecure settings, user access issues, and more. It's quickly becoming the gold standard in the SaaS security space.
Alex Dunbrack, Co-founder of Vectrix
Alex Dunbrack
Co-founder and COO,