Vendor Security Questionnaire
Common security questions answered. Streamline your vendor risk assessment process.
Describe your information security governance model.
SecurityRhodiumhunt operates under an Information Security Management System (ISMS) aligned with ISO 27001. Security governance includes risk assessment, policy development, management review, and continuous improvement cycles.
What encryption standards do you use?
SecurityWe use AES-256 for data at rest and TLS 1.3 for data in transit. Encryption keys are managed securely with rotation policies.
Where is customer data stored?
InfrastructureCustomer data is stored in AWS US regions (US-East-1, US-West-2) with multi-region redundancy. We do not transfer data outside these regions without explicit consent.
Are you SOC 2 compliant?
ComplianceWe are pursuing SOC 2 Type II certification, with audit expected to complete in Q1 2026. Current Type I report is available under NDA.
What is your incident response time?
OperationsAverage incident response time is 2 hours. We maintain 24×7 SOC monitoring with documented incident response procedures tested quarterly.
Do you support SSO?
Access ControlYes, we support OIDC and SAML 2.0 based SSO integration with major providers like Okta, Azure AD, and Google Workspace.