Security — Neuron Factory

Security

Security at Neuron Factory

We take the security of our customers' data seriously. This page describes the practices, controls, and commitments that protect the Neuron Factory platform and the data you trust us with.

Access control

Access to production systems and customer data is limited to authorized personnel on a need-to-know basis. We enforce single sign-on, multi-factor authentication, and periodic access reviews across our environment.

Data protection

Encryption in transit

All traffic to and from our services is encrypted using TLS 1.2 or higher. HTTPS is enforced across all customer-facing endpoints.

Encryption at rest

Customer data is encrypted at rest using AES-256 across our storage and database layers.

Key management

Encryption keys are managed through our cloud provider's key management service with restricted, audited access.

Incident response

We maintain a documented incident response plan, disaster recovery plan, and data breach response playbook, each reviewed on a regular cadence. In the event of an incident affecting customer data, we will notify affected customers in accordance with our contractual and legal obligations.

Infrastructure and monitoring

Our platform runs on a leading enterprise cloud provider. We use cloud-native security tooling for continuous threat detection and posture management. Infrastructure access is restricted on a least-privilege basis and protected by multi-factor authentication.

Secure development

Changes to our services are version-controlled, peer-reviewed, and deployed through automated CI/CD pipelines with semantic versioning. Material changes affecting customers are communicated through product release notes as part of our regular release process.

Compliance & certifications

We are pursuing SOC 2 Type I attestation, currently in progress. Our security program is monitored through a continuous compliance platform, and our Trust Center provides an up-to-date view of our posture.

Customers and prospects may request current compliance documentation, including our SOC 2 report under NDA, by contacting security@neuronfactory.ai or through our Trust Center.

Reporting a vulnerability

We welcome reports from security researchers. If you believe you have found a security vulnerability in a Neuron Factory product or service, please email us with a description of the issue, the affected component or URL, and steps to reproduce it. Please allow us a reasonable period to investigate and remediate before public disclosure.

security@neuronfactory.ai

Reach our security team directly for security concerns and additional information on customer security protections.