Security & trust
Trust is the foundation, not an afterthought.
Vesara reads what your company says, sends, and signs—so trust has to be built in. We work inside the boundaries you already enforce, keep every action traceable, and never ask you to stand up a new system to govern.
How we protect your data
Encrypted in transit and at rest
Customer data is encrypted in transit and at rest using industry-standard protocols. The Record stays traceable to its source without copying data into new, unmanaged silos.
Least privilege by default
Access follows the boundaries you already enforce. Vesara reads and writes back to your existing tools rather than creating a new trust boundary your security team has to govern.
Traceable, auditable actions
Every fact and action lands in one living Record, ranked by source and traceable to the moment it happened—so reviews and audits work from evidence, not assumption.
A clear, in-progress roadmap
We are building toward recognized enterprise standards (such as SOC 2) and align our practices to least-privilege access, data minimization, and customer control. Current details are available under NDA.
Responsible disclosure
If you believe you have found a security vulnerability, please email security@vesara.ai with the details and steps to reproduce. We investigate reports promptly and will work with you to confirm and resolve valid issues before public disclosure.
This page summarizes our security posture and is being expanded as our formal program and certifications are finalized. Current documentation is available under NDA.
Frequently asked questions
How does Vesara keep our data secure?
Customer data is encrypted in transit and at rest, access follows least-privilege principles, and Vesara reads from and writes back to the tools you already run rather than creating a new trust boundary. Every action is traceable in one auditable Record.
Does Vesara create a new trust boundary?
No. Vesara works within the boundaries you already enforce. It does not require a rip-and-replace or a new system of record your security team has to separately govern.
Is Vesara compliant with enterprise standards?
We align our practices to least-privilege access, encryption, and data minimization, and we are building toward recognized standards such as SOC 2. Current compliance details and documentation are available under NDA—contact security@vesara.ai.
How do I report a security issue?
Email security@vesara.ai with details. We investigate reports promptly and will coordinate disclosure responsibly.