Candidate data is sensitive. We treat it that way at every level of the stack.
Taltas is SOC 2 Type II certified. Our annual audit covers security, availability, and confidentiality. Contact sales for the full report.
All data is encrypted at rest (AES-256) and in transit (TLS 1.3). Encryption keys are managed via AWS KMS with automatic rotation.
Role-based access control with SSO support (SAML 2.0, OIDC). All access events are logged in immutable audit trails.
Hosted on AWS in us-east-1 and eu-west-1. Isolated per-customer environments. Automated vulnerability scanning and penetration testing quarterly.
Dedicated security team with a 2-hour initial response SLA for critical incidents. Customers are notified within 24 hours of any breach affecting their data.
Configurable retention periods by data type. Automated deletion at end of retention period. Full data export available at any time.
Report vulnerabilities or request our security documentation: security@taltas.ai