Security at PRISM

Security is foundational to everything we build. Your code, your data, and your delivery workflows are protected by enterprise-grade controls at every layer.

Infrastructure

  • All data encrypted at rest (AES-256) and in transit (TLS 1.3)
  • Hosted on Azure with SOC 2 Type II certified infrastructure
  • Network isolation with private endpoints and VNet integration
  • Automated vulnerability scanning on every deployment
  • Geo-redundant backups with 99.99% availability SLA

Application Security

  • Role-based access control (RBAC) with least-privilege defaults
  • SSO/SAML 2.0 integration (Enterprise plan)
  • SCIM provisioning for automated user lifecycle management
  • Immutable audit logs for all platform operations
  • Secrets never stored in plain text — injected at runtime via managed vaults

Code & Data Isolation

  • Tenant isolation at the compute, storage, and network layers
  • Source code never leaves your configured environment
  • Agent execution happens in ephemeral, sandboxed containers
  • No training on customer code or data — ever

Compliance

  • SOC 2 Type II audit in progress
  • GDPR-compliant data handling with EU data residency options
  • Regular third-party penetration testing
  • Responsible disclosure program

Responsible Disclosure

If you discover a security vulnerability, please report it to security@prism.dev. We acknowledge reports within 24 hours and aim to resolve critical issues within 72 hours.