Trust Center
Security and Complianceat Enterprise Scale
Syniel's security posture is designed for the most regulated industries. Continuous compliance, not periodic certification.
Compliance certifications
SOC 2 Type II
ActiveAnnually audited by an independent CPA firm. Full report available under NDA.
ISO 27001
ActiveInformation security management system certified by BSI Group.
PCI-DSS Level 1
ActiveAssessed annually by a Qualified Security Assessor (QSA). AOC available.
HIPAA BAA
AvailableBusiness Associate Agreements available for covered entities and business associates.
GDPR
CompliantData Processing Agreements (DPAs) available. Sub-processor list published.
FedRAMP
In progressCurrently pursuing FedRAMP Moderate authorization for US government workloads.
Security by design
Encryption everywhere
AES-256 at rest. TLS 1.3 in transit. Customer-managed keys (BYOK) available on all plans.
Zero-trust access
Every internal service-to-service call is authenticated and authorized. No implicit network trust.
Immutable audit logging
All control plane actions logged immutably with 7-year retention. Tamper-evident with cryptographic signatures.
Vulnerability management
Continuous CVE scanning of infrastructure and container images. Critical patches deployed within 24 hours.
Penetration testing
Annual third-party penetration tests. Customer-requested pen tests available on Enterprise plans.
Bug bounty program
Responsible disclosure program with rewards for qualifying vulnerability reports.
Need compliance documentation for your procurement process?
Enterprise customers receive full SOC 2 reports, ISO certificates, and PCI AOC under NDA.