Security is not a feature. It's the foundation.
We build systems that hold customer, financial, and operational data. The security baseline isn't something we charge extra for — it's the floor every Akwazi build starts from.
Baseline
What ships by default. Across every engagement.
These aren't add-ons. They're the starting baseline for every Customer Portal, Integration Platform, and Enterprise Portal we build.
Encryption everywhere
AES-256 at rest, TLS 1.3 in transit, KMS-managed keys, no exceptions.
Identity & SSO
SAML 2.0, OIDC, OAuth 2.0. Integrate with Okta, Entra ID, Google Workspace, and more. MFA enforced.
Role-based access
Granular permissions, just-in-time elevation, per-tenant isolation.
Audit log
Every action — human or AI — logged with actor, context, payload. Searchable, exportable, immutable.
Data residency
EU, US, or your own VPC. Customer data never leaves the region you choose.
Tenant isolation
Logical and physical separation. Per-tenant keys. Strict data boundaries.
AI governance
Confidence thresholds, eval suites, human-in-the-loop, full decision transparency.
Backup & DR
Automated backups, point-in-time recovery, documented RTO/RPO commitments.
Compliance posture
Honest about where we are. Clear about where we're heading.
No over-promising on certifications or attestations. We tell you exactly what we have, what's in progress, and what we can support on engagement.
SOC 2-aligned operations
In practice: Our processes follow the SOC 2 Type II Trust Services Criteria. Independent attestation roadmap shared on request.
GDPR-ready
Supported: DPAs available, sub-processor list maintained, data subject rights tooling built in.
Sector frameworks
On request: ISO 27001, HIPAA, DORA, NIS2 alignment available depending on the engagement and the sector.
Penetration testing
Ongoing: Regular third-party pen tests and vulnerability assessments. Executive summaries available under NDA.
Secure SDLC
Standard: Code reviews, dependency scanning, secret detection, automated security testing — part of every release.
Incident response
Operational: Documented IR plan, runbooks, on-call rotation, communication SLAs. Customer notification commitments per engagement.
AI governance
Responsible AI by default — not by promise.
AI is powerful only when it's controlled. Every AI capability we ship has the same six properties — at minimum.
Confidence thresholds
Every AI decision carries a confidence score. Below your threshold, the action routes to a human reviewer.
Decision transparency
Every AI action includes reasoning, source documents, and the model output — visible in the audit log.
Human-in-the-loop
Any workflow step can require human approval. You decide what the AI can act on autonomously.
No training on your data
Your data is never used to train foundation models. Your business data stays your business data.
Eval-driven
Each AI capability ships with an eval suite. Regression on quality fails CI — like any other production component.
Boundaries enforced
AI tools have scoped permissions. They can't read what they're not allowed to read, or do what they're not allowed to do.
Start a conversation
Have something worth building?
30-minute intro call. We'll learn what you're trying to do, share whether we're the right fit, and — if we are — sketch what a first sprint would look like.