Trust Center

Start your security review
View & download sensitive information
Ask for information
ControlK

Overview

At Veza, safeguarding customer data and protecting critical assets are the foundation of our business. As identity and access become the new security perimeter, we’ve built our platform — and our company — around the principles of least privilege, transparency, and continuous assurance.

We operate with a security-first mindset across every layer of our infrastructure and development lifecycle. From code reviews and penetration testing to continuous monitoring and zero-trust access controls, every engineering and operations decision begins with security. Our dedicated Security, Privacy, and Compliance teams partner closely to ensure our controls evolve with the threat landscape and exceed global best practices.

We maintain a rigorous governance framework aligned to leading standards including SOC 2 Type II, ISO 27001, and GDPR, and we undergo regular third-party assessments to validate our posture. Our internal policies extend to secure software development (SSDLC), encryption in transit and at rest, and real-time anomaly detection across production environments.

Transparency is essential to trust. Customers can access our latest compliance certifications, audit reports, and security documentation via the Veza Trust Portal — a central resource designed to provide ongoing visibility into our controls, incident response processes, and product security practices.

Compliance

SOC 2 Type 2 Logo
SOC 2 Type 2
ISO/IEC 27001 Logo
ISO/IEC 27001
GDPR Logo
GDPR
EU-US DPF Logo
EU-US DPF
Swiss-US DPF Logo
Swiss-US DPF
UK Extension to EU-US DPF Logo
UK Extension to EU-US DPF

Documents

REPORTSSecurity Whitepaper
COMPLIANCEISO/IEC 27001
COMPLIANCESOC 2 Type 2
SELF-ASSESSMENTSSIG Lite
APP SECURITYApplication Penetration Testing
LEGALPrivacy Policy
AIAI Overview

Product Security

Audit Logging
Multi-Factor Authentication
Role-Based Access Control
View more

App Security

Runtime Application Self Protection
Software Development Lifecycle
Vulnerability & Patch Management
View more

Access Control

Data Access
Logging
Veza for Veza

Data Security

Access Monitoring
Encryption-at-rest
Encryption-in-transit

Endpoint Security

Disk Encryption
Endpoint Detection & Response

Self-Assessments

SIG Lite

AI

Introduction and Commitment
AI Frequently Asked Questions (FAQ)
AI Overview

Reports

Security Whitepaper

Legal

Privacy Policy

Infrastructure

Infrastructure Security

Corporate Security

Employee Handbook
HR Security
Internal SSO
View more
Built onSafeBase by Drata Logo