Security

Enterprise-grade security

We take security seriously. Your data is protected with industry-leading practices and compliance certifications.

End-to-End Encryption

All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption.

SOC 2 Type II Certified

We maintain SOC 2 Type II certification, demonstrating our commitment to security controls.

Secure Infrastructure

Built on enterprise-grade cloud infrastructure with 99.9% uptime SLA and automatic backups.

Access Controls

Role-based access control (RBAC) and multi-factor authentication (MFA) available for all accounts.

Regular Audits

Regular security audits and penetration testing by independent third-party firms.

Incident Response

24/7 security monitoring with dedicated incident response team and clear escalation procedures.

Compliance & Certifications

SOC 2 Type IICertified
GDPRCompliant
HIPAAReady
ISO 27001Certified
CCPACompliant
PCI DSSLevel 1

Security Practices

Data Handling

  • Data is processed in secure, isolated environments
  • Automatic data retention policies based on your plan
  • Secure data deletion upon request
  • Regular data backup with geographic redundancy
  • No third-party data sharing without consent

Application Security

  • Regular security updates and patch management
  • Automated vulnerability scanning
  • Secure coding practices and code reviews
  • API rate limiting and DDoS protection
  • Security headers and CSP implementation

Access Management

  • Multi-factor authentication (MFA) support
  • SSO and SAML integration for enterprises
  • Session management and automatic timeouts
  • IP whitelisting and geo-restrictions
  • Audit logs for all account activities

Incident Management

  • 24/7 security monitoring and alerting
  • Dedicated incident response team
  • Clear communication protocols
  • Post-incident analysis and reporting
  • Continuous improvement of security measures

Responsible Disclosure

We value the security community's efforts to help us maintain a secure platform.

If you discover a security vulnerability, please report it to security@metis.com. We will respond within 24 hours and work with you to address the issue.

We offer a bug bounty program for qualifying security issues. Visit our security portal for more details on our responsible disclosure policy and rewards.

Questions about security?

Contact our security team or view our other legal documents.