Enterprise-Grade Security
Trust infrastructure requires trust. We built ATHENA with security at its core.
Compliance & Certifications
SOC 2 Type I
Target: Q2 2026
EU
GDPR Ready
EU data residency available
HIPAA Compatible
BAA available for Enterprise
Security Architecture
Encryption
- TLS 1.3 for all data in transit
- AES-256 encryption at rest
- bcrypt hashing for API keys
- Encrypted database connections
Multi-Tenant Isolation
- Tenant ID enforced at database level
- Separate encryption keys per tenant
- No cross-tenant data access
- Audit logging per tenant
Access Control
- Role-based access control (RBAC)
- API key scoping by permission
- SSO support (SAML/OIDC) for Enterprise
- MFA for all admin access
Audit Logging
- All API calls logged
- Tamper-evident audit trails
- Configurable retention (1-7 years)
- Export for external SIEM
Infrastructure
Cloud Infrastructure
- AWS-hosted (US-East, EU-West available)
- Multi-AZ deployments
- 99.9% uptime SLA (Enterprise)
- Automated backups (daily)
Network Security
- DDoS protection via Cloudflare
- WAF for all API endpoints
- Rate limiting at edge
- Private VPC networking
Responsible Disclosure
We take security seriously. If you discover a vulnerability, please report it responsibly.
security@athenatrust.ai
Need more details? Request our security whitepaper or schedule a security review call.