SOC 2 readiness — controls aligned to NIST 800-53

Security without
compromise.

Enterprise-grade security built into every layer. Your data is encrypted, access is controlled, and compliance is maintained by default.

SOC 2 Type II
GDPR
CCPA
HIPAA

Defense in Depth

Multiple layers of security controls protect your applications and data

Encryption at Rest & in Transit

Data is encrypted at rest with per-tenant AES-256-GCM keys and post-quantum age, and in transit with TLS 1.3 — including hybrid ML-KEM-768 key exchange at the edge.

Multi-Factor Authentication

Multi-factor authentication with TOTP, WebAuthn hardware keys, push, and SMS. Organization admins can require MFA for their members.

API Key Management

Fine-grained API key permissions with automatic rotation, usage tracking, and instant revocation capabilities.

Role-Based Access Control

Granular permissions with predefined roles and custom access policies. Audit trails for all access events.

Private Networking

VPC peering, private endpoints, and IP allowlisting. Keep your infrastructure isolated and secure.

Data Residency

Dedicated and self-hosted deployments can pin data to specific regions to meet sovereignty requirements.

Infrastructure

Built on secure foundations

Our infrastructure runs on enterprise-grade data centers with 24/7 physical security, redundant power, and isolated network architecture. Every component is designed with security as the primary requirement.

KVM hardware-isolated virtual machines
24/7 security monitoring and alerting
High availability with automatic failover
Automated security patching and updates

Global High-Performance Edge

Deploy globally with automatic scaling and data residency controls to meet compliance requirements.

Global Edge Network
15+ regions worldwide
Auto-scaling
Scale to zero or millions
Data Residency
Choose your data location

Enterprise Security Program

For organizations with advanced security requirements, our Enterprise plan includes dedicated security support and custom configurations.

Single Sign-On (SAML, OIDC)
Custom security policies
Dedicated security engineer
Priority incident response
Custom data retention
Advanced audit logging
Penetration testing reports
Security questionnaire support
Contact Sales
Enterprise

Security for the most demanding organizations

Whether you're in healthcare, finance, or government, Hanzo meets the security and compliance requirements of regulated industries.

Our security team works directly with enterprise customers to understand their unique requirements and implement appropriate controls.

Responsible Disclosure

We take security vulnerabilities seriously and appreciate the work of security researchers. If you discover a vulnerability, please report it responsibly.

[email protected]

Ready to secure your AI infrastructure?

Start building with enterprise-grade security today. Our team is ready to help you meet your compliance requirements.