Security & Infrastructure
Xentos is built on a "Secured by Design" philosophy. We leverage world-class infrastructure providers to ensure your compliance data is protected by the highest industry standards.
Database & Auth
Our core application logic and database layer are hosted on Supabase, an enterprise-grade backend-as-a-service. This provides us with:
- SOC2 Type 2 Compliant Infrastructure
- PostgreSQL with Point-in-Time Recovery (PITR)
- Row Level Security (RLS) for absolute data isolation
- Enterprise-grade Auth with MFA support
Encrypted Evidence Storage
All compliance evidence and sensitive files are managed via Supabase Storage, which utilizes Amazon S3 for industrial-grade durability:
- AES-256 Server-Side Encryption (SSE-S3) at rest
- End-to-end encryption in transit via TLS 1.3
- Private buckets with Row Level Security (RLS) enforcement
- 99.999999999% (11 nines) data durability
Internal Security Disclosure
Zero-Access Policy
Xentos maintains a Zero-Access Policy regarding customer evidence files. Our administrative dashboard does not give any Xentos employee or contractor the ability to browse or download your uploaded documents. Your data belongs to you, and access is strictly restricted via Row Level Security to members of your organization.
Communication Security
Transactional emails and compliance alerts are delivered via Mailgun. All communications are sent over encrypted channels (TLS 1.2 or higher) and follow strict SPF, DKIM, and DMARC configurations to prevent spoofing and ensure delivery integrity.
Encryption & Transit
All connections to Xentos are forced over HTTPS using TLS 1.3 or higher. We use HSTS (HTTP Strict Transport Security) to ensure your browser never connects over an insecure connection. Our infrastructure is protected by modern Web Application Firewalls (WAF) to mitigate DDoS and SQL injection attacks.
Compliance Guarantee
"By leveraging SOC2 compliant infrastructure and strictly enforcing Row Level Security at the database layer, Xentos provides an enterprise-ready environment that protects you from technical liability while ensuring your organizational data remains private and secure."