Security-first AI automation platform

Security at SentrAIx

Our security program is designed around cloud security, least privilege, secure engineering, and responsible vulnerability disclosure.

Cloud Security

Built on Azure with a security-first architecture, role-based access controls, encrypted secrets, and cloud-native monitoring.

Secure Engineering

We use code review, dependency monitoring, secure configuration, and application security checks as part of our engineering process.

Enterprise Readiness

We maintain security documentation and are progressing toward formal enterprise assurance, including SOC 2 Type 2 readiness.

Security Posture

  • CSA STAR Level 1 self-assessment posture maintained for cloud security transparency.
  • Azure Marketplace availability and Azure-native deployment architecture.
  • Zero Trust-oriented access model with authentication, authorization, and least-privilege practices.
  • Encryption for sensitive secrets and secure handling of customer configuration data.
  • SOC 2 Type 2 preparation in progress.

Vulnerability Disclosure

If you believe you have discovered a security vulnerability in SentrAIx, please report it responsibly. We appreciate good-faith security research and will work to review and remediate confirmed issues.

Report a vulnerability

security@sentraix.com
  • Include a clear description, reproduction steps, affected URLs or services, and potential impact.
  • Do not access, modify, delete, or exfiltrate customer data.
  • Do not perform denial-of-service, social engineering, phishing, or physical attacks.
  • Give us a reasonable opportunity to investigate before public disclosure.

Security Framework Alignment

SentrAIx uses recognized security frameworks to guide internal controls and customer assurance. Framework mappings are maintained as internal self-assessments and updated as the platform matures.

CSA STAR Level 1

Cloud security transparency maintained through CSA STAR Level 1 self-assessment.

OWASP

Application security practices aligned to OWASP Top 10 and ASVS guidance.

CIS Controls

Operational security practices mapped against CIS Controls Implementation Group 1.

NIST CSF

Program-level security practices organized around Identify, Protect, Detect, Respond, and Recover.