Response SLA

Leadership reply within 24 hours

Delivery Regions

USA, Spain, India, Ecuador, and global remote

Engagement Control

NDA-first, written authorization required

Control Alignment

Mapped to SOC 2, ISO 27001, PCI DSS, HIPAA

Security

Security and confidentiality commitment.

Our delivery model is built for enterprise trust, legal clarity, and controlled data handling.

Version

Security Commitment v4.1

Owner

Office of the CISO

Status

Board-Approved Policy

Last updated

February 19, 2026

Only required engagement data is collected, with controlled retention and secure disposal practices.

NDA-first execution, role-based access, and restricted sharing of engagement artifacts.

Approved communication channels, encryption in transit, and protected project workflows.

Governance commitments

01

Written authorization and defined rules of engagement required before testing begins.

02

Critical issue escalation process for leadership and technical stakeholders.

03

Controlled storage, access logging, and lifecycle management of findings evidence.

04

Retest-backed closure confirmation with stakeholder sign-off support.