security: add SOC2 positioning, monthly monitoring, audit trail

2026-02-01 10:36:09 +00:00 · 2026-02-01 10:36:09 +00:00 · 1ffa947a52
parent 9190ca1443
commit 1ffa947a52
1 changed files with 11 additions and 0 deletions
--- a/templates/security.tmpl
+++ b/templates/security.tmpl
@ -157,6 +157,17 @@
    <p>Continuous uptime monitoring, automated alerting, 24/7. If something blinks wrong, we know — and our systems respond before you'd ever notice.</p>
  </div>

+  <div class="privacy-card">
+    <h3>Independently verified. Monthly.</h3>
+    <p>We don't just claim security — we prove it. Every month, our infrastructure undergoes comprehensive vulnerability scanning. External monitoring runs 24/7 from Switzerland, providing independent geographic oversight of our US-based systems.</p>
+    <p>We maintain detailed security documentation aligned with SOC 2 principles: availability, confidentiality, and data integrity. Full security reports are available upon request for enterprise customers and compliance teams.</p>
+  </div>
+
+  <div class="privacy-card">
+    <h3>Every action. Logged.</h3>
+    <p>Your dossier maintains a complete audit trail. Every view, every upload, every change — timestamped and recorded. You can see exactly who accessed what and when. Nothing happens in the dark.</p>
+  </div>
+
  <div class="privacy-card">
    <h3>We keep attackers out.</h3>
    <p>Firewall rules block malicious traffic at the edge. Tarpits slow down scanners and bots, wasting their time instead of ours. Role-based access control ensures every request is authenticated and authorized — no exceptions.</p>