Built for organizations that can't afford a breach.
Sockindle is designed with defense-grade controls from day one. Your SIEM telemetry, hunt results, and alert data are handled with the same rigor we apply to threat detection.
Your telemetry. Your keys. Your control.
Encryption at Rest
All SIEM telemetry, hunt results, IOC records, and alert data stored with AES-256 encryption. Customer data partitioned per-tenant with isolated encryption keys.
Encryption in Transit
All data in transit encrypted via TLS 1.3. SIEM connector streams, API endpoints, and analyst dashboard traffic are all TLS-only. No plaintext egress paths.
Access Controls
Role-based access control with least-privilege defaults. Analyst, SOC Lead, and Admin tiers. All actions logged to an immutable audit trail. SSO via SAML 2.0 and OIDC.
Data Residency
US-based data residency by default (AWS us-east-1). Enterprise customers may request non-US data residency options for European and APAC deployments. Federal tier includes isolated US-only regions.
Designed with security frameworks in mind.
Sockindle is built with SOC 2 Trust Services Criteria as a design reference, HIPAA Security Rule safeguards informing our healthcare deployment configuration, and CMMC 2.0 Level 2 practices guiding our federal-adjacent controls. We provide controls documentation to support your own compliance posture.
SOC 2 Controls-Informed
Architecture designed with the Trust Services Criteria as a reference: availability, confidentiality, processing integrity, privacy, and security. Controls documentation available for enterprise review.
HIPAA Security Reference
Healthcare deployments reference HIPAA Security Rule administrative, physical, and technical safeguards. Designed to support covered entities — BAA available upon request.
CMMC-Adjacent Posture
Federal contractor deployments designed with CMMC 2.0 Level 2 as a reference. US-only data residency, audit logging, and access control documentation available on request.
Built on proven cloud infrastructure.
AWS Infrastructure
Hosted on AWS (us-east-1 primary). VPC isolation, security groups, WAF, and CloudTrail logging. Auto-scaling hunt engine with capacity reserved for burst detection events.
Availability & Recovery
Multi-AZ deployment with 99.9% uptime SLA for SOC and Enterprise tiers. RPO < 1 hour, RTO < 4 hours. Daily encrypted backups with 30-day retention.
Vulnerability Management
Continuous dependency scanning. SAST in CI/CD. Penetration testing annually. Responsible disclosure: [email protected].
Audit Logging
All analyst actions and platform events written to an immutable, tamper-evident audit log. Exportable in JSON/STIX format for your own SIEM ingestion. Logs retained 365 days minimum.
Security questions? We're the right people to ask.
Talk to a Sockindle security engineer about your deployment requirements.