Conundrum Intelligence is built with security-first principles and aligned with industry-leading compliance frameworks.
Our platform aligns with the NIST CSF core functions — Identify, Protect, Detect, Respond, and Recover. Conundrum Intelligence directly supports the Identify and Detect functions through continuous threat monitoring and intelligence-driven risk assessment.
Conundrum Intelligence is designed to meet SOC 2 Trust Service Criteria for security, availability, and confidentiality. Our multi-tenant architecture enforces strict data isolation at the database schema level, ensuring each organization's intelligence data remains separate and secure.
We are committed to GDPR compliance for our European users. This includes data minimization in our collection practices, clear consent mechanisms, data portability support, and the right to erasure. Our privacy policy details how personal data is processed and protected.
Our information security management practices are aligned with ISO 27001 standards. This includes formal risk assessment processes, access control policies, incident response procedures, and continuous monitoring of our security posture.
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). API keys and credentials are securely stored using environment-level encryption.
Role-based access control with tenant-level isolation. Multi-factor authentication support and session management for all user accounts.
Continuous security monitoring, automated vulnerability scanning, and incident response procedures to detect and respond to threats promptly.