Welcome to the Suped Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this Trust Center to learn about our security posture and request access to our security documentation. Suped is continuously monitoring its overall security posture.
Strong authentication
We enforce modern authentication standards including Single Sign-On (SSO) and phishing-resistant Multi-Factor Authentication (MFA) for all employee access to internal systems.
Cloud security architecture
Our production environment runs as immutable infrastructure and is strictly managed through infrastructure-as-code with automated security checks throughout our CI/CD pipeline.
Continuous monitoring
We continuously monitor our cloud environments to identify, prioritize, and fix vulnerabilities while enforcing preventative controls to detect and respond to potential threats.
Secure development lifecycle
We ensure security and integrity throughout our SDLC with automated secret scanning, security testing, container image vulnerability scanning, and mandatory peer review for code changes.
Security awareness
Our security awareness programs include regular training on information security and data privacy, guidance on emerging threats, and team-specific guidelines for secure practices.
Detection and response
We employ a Security Information Event Management system that ingests security telemetry from all environments with a global team ready to quickly triage, investigate, and remediate events.
Endpoint security
Our workstations run endpoint detection and response software providing malware prevention, detection, and containment capabilities alongside Data Loss Prevention tools.
Risk management
Our risk management process is integrated with business and technical functions across the company, helping us identify opportunities to improve security and privacy, and to mitigate threats.
Supplier risk management
We ensure the security and reliability of supplier products and services to maintain the integrity of our offerings and protect customer data through comprehensive assessments.
Compliance roadmap
We're actively working toward industry compliance certifications including SOC 2 and ISO 27001 to demonstrate our commitment to security, availability, processing integrity, and confidentiality.
Encryption and key management
We use cloud-native key solutions for secure key storage and management with automated controls ensuring that keys are not stored or transferred via insecure methods.
