All Systems Operational

Security at Dependra

Security is at the core of everything we do. We implement industry-leading security practices to protect your data and maintain your trust.

Get Started SecurelyView Certifications
SOC 2
Type II
Certified
ISO
27001:2022
Certified
AES-256
Encryption
At rest & in transit
GDPR
Compliant
EU data protection

Our Security Pillars

We've built security into every layer of our platform

Infrastructure Security

Hosted on enterprise-grade cloud infrastructure with automatic scaling, redundancy, and geographic distribution.

Data Encryption

All data is encrypted at rest using AES-256 and in transit using TLS 1.3 with perfect forward secrecy.

Access Controls

Role-based access control, SSO integration, and multi-factor authentication for all accounts.

Vulnerability Management

Continuous security scanning, regular penetration testing, and responsible disclosure program.

Monitoring & Logging

Real-time threat detection, comprehensive audit logging, and 24/7 security monitoring.

Business Continuity

Regular backups, disaster recovery procedures, and 99.9% uptime SLA guarantee.

Certifications & Compliance

We maintain industry-leading certifications to demonstrate our commitment to security

Certified

SOC 2 Type II

Annual audit by independent CPA firm

Certified

ISO 27001:2022

Information security management system

Compliant

GDPR

EU data protection compliance

Compliant

NIS2

Network and information security

Technical Security Measures

Defense in depth with multiple layers of security controls

Network Security

  • WAF protection
  • DDoS mitigation
  • Network segmentation
  • Intrusion detection

Application Security

  • Secure SDLC
  • Code review
  • SAST/DAST scanning
  • Dependency monitoring

Data Protection

  • Field-level encryption
  • Data masking
  • Secure key management
  • Data retention policies

Identity & Access

  • SSO integration
  • MFA enforcement
  • Session management
  • Principle of least privilege

Endpoint Security

  • Device management
  • Encrypted laptops
  • EDR solutions
  • Remote wipe capability

Incident Response

  • 24/7 on-call team
  • Documented procedures
  • Regular tabletop exercises
  • Post-incident reviews

Data Processing & Privacy

We are transparent about how we handle your data

Data Storage

  • Data stored in EU data centers (primary: Germany)
  • No data transfer outside the EU/EEA
  • Regular backups with encryption
  • Data retention and deletion policies

Subprocessors

  • Carefully vetted EU-based subprocessors
  • Data Processing Agreements with all vendors
  • Regular security assessments
  • Published subprocessor list

Our Security Program

Security Policies

Comprehensive security policies reviewed and updated annually, covering all aspects of our operations.

  • • Information Security Policy
  • • Acceptable Use Policy
  • • Incident Response Policy
  • • Access Control Policy

Security Training

All employees undergo security awareness training upon hire and annually thereafter.

  • • Onboarding security training
  • • Phishing simulation exercises
  • • Role-specific training
  • • Secure coding training

Vulnerability Disclosure

We welcome responsible security researchers to report vulnerabilities through our program.

  • • Responsible disclosure policy
  • • Safe harbor provisions
  • • Acknowledgment in hall of fame
  • • Coordinated disclosure

Have Security Questions?

Our security team is here to help. Request our security documentation or schedule a security review.

Contact Security Teamsecurity@dependra.com

Compliance Resources

Learn about regulations and standards we help you comply with

GDPR

EU data protection

NIS2

Network security directive

DORA

Digital resilience

ISO 27001

Security management