BreachForge holds a picture of where your defences are strong and where they are not. That is sensitive by its nature, so we treat it that way. Here is plainly how your data is protected, and what happens if something goes wrong.
Your data is encrypted in transit with modern TLS, and at rest on the platform. Backups are separately encrypted again before they leave the platform, so a copy is never readable on its own.
Every account is isolated. One customer can never see another customer's estate, findings or results. Access is tied to a verified sign in, checked on every request, not just at login.
Backups are only real if they can be restored. Ours are tested by restoring them, not assumed. We keep encrypted copies on an independent schedule so a bad day does not become a lost estate.
Our assistant explains your result in plain English. It has no access to your database and no ability to act on your systems. What it can say is screened both on the way in and the way out.
No jargon. This is what protecting your data looks like day to day.
The honest question a security buyer asks is not "are you perfect", it is "what happens when you are not". Here is our answer.
Security teams and procurement often want more than a summary. We keep a fuller security overview for exactly that, covering our controls, data handling and assurance work in depth.
Read the full security overview Talk to us