Security
Last updated: March 2026
Security is foundational to every product in the Alerterra Intelligence Platform. We design, build, and operate our systems with the understanding that our customers trust us with sensitive intelligence data. This page describes the security practices applied consistently across Vigila, Tradana, Gradara, Condura, and Scrutera.
Encryption at Rest and in Transit
All data across Alerterra products is encrypted at rest using AES-256 and in transit using TLS 1.3. API keys are stored as salted hashes and never logged or displayed after creation. Credential encryption keys are rotated on a defined schedule.
Role-Based Access Control
Every Alerterra product enforces granular RBAC. Roles — from viewer to admin — are scoped per organization. Permission checks gate all sensitive mutations including team management, billing, API key creation, and SSO configuration.
Audit Logging
Administrative actions, data access events, and security-relevant operations are recorded with tamper-evident audit logs. Logs capture the user, action, resource, and timestamp. Enterprise customers can export audit logs for compliance reporting.
Infrastructure Security
Alerterra products run on SOC 2 Type II certified cloud infrastructure with geographic redundancy. All services operate in isolated environments with strict network controls. We employ continuous vulnerability scanning and automated dependency updates.
API and Webhook Security
API authentication uses scoped bearer tokens with configurable expiration and per-endpoint rate limiting. Webhook deliveries are signed with HMAC-SHA256 and include retry logic with automatic disablement after repeated failures.
Authentication and SSO
All products support secure authentication with multi-factor options. Enterprise customers can configure SAML 2.0 SSO with SHA-256 signature validation, redirect origin checks, and session security with httpOnly cookies and CSRF protection.
Input Validation and Error Handling
All API endpoints validate input using Zod schemas. Error responses are sanitized to prevent information leakage — internal error messages, stack traces, and implementation details are never exposed to clients.
Incident Response
Our security team maintains a documented incident response plan with defined escalation procedures. Affected customers are notified within 72 hours. We conduct post-incident reviews and publish root cause analyses for significant events.
Responsible Disclosure
We value the work of security researchers who help keep Alerterra and its users safe. If you discover a security vulnerability in any of our products, we ask that you report it responsibly.
- Email your findings to security@alerterra.com
- Include enough detail to reproduce the issue
- Allow us reasonable time to investigate before public disclosure
- Do not access or modify data that does not belong to you
We acknowledge receipt within 24 hours and aim to provide a substantive response within 5 business days. We do not pursue legal action against researchers acting in good faith.