Security
SOC 2 Type II. Zero-trust.OrvexCore is built for security from the ground up — zero-trust network, automated vulnerability scanning, and annual penetration testing. All data is encrypted in transit and at rest.
SOC 2 Type II aligned controls
Zero-trust network architecture
Automated vulnerability scanning
Penetration testing programme
Technical details
SOC 2 Type II controls
All controls and processes are aligned to SOC 2 Type II, with annual audits and continuous monitoring.
Zero-trust network
No implicit trust — all network access is authenticated, authorized, and encrypted.
Automated vulnerability scanning
Continuous scanning for vulnerabilities in dependencies, containers, and infrastructure.
Penetration testing
Annual third-party penetration tests with remediation and public summary.