Security & Compliance

Trust, engineered into the platform.

Falcon is built for organizations that treat security as a product requirement — not a checklist.

SOC 2
Type II ready
ISO 27001
Aligned
GDPR
EU residency
HIPAA
BAA available
SSO + SCIM
Enterprise IDPs
Identity Security

Who you are, verified.

Enterprise-grade identity from day one.

Multi-Factor Authentication

TOTP, WebAuthn and passkeys — enforceable at the workspace level.

Single Sign-On (SSO)

SAML 2.0 with Okta, Azure AD, Google Workspace and any SAML IDP.

SCIM Provisioning

Automated user, group and role lifecycle from your identity provider.

Device Fingerprinting

Per-session device profiles for anomaly detection and access decisions.

Session Management

Explicit session lifetimes, idle timeouts and per-workspace policies.

Remote Revocation

Terminate any session, device or key from the admin console in one click.

Data Protection

Your data, your control.

Encrypted, isolated, exportable and deletable — always.

Encryption at Rest

AES-256 for all storage — documents, embeddings, logs and backups.

Encryption in Transit

TLS 1.3 with modern ciphers and HSTS across every endpoint.

Secret Vaults

Isolated, per-tenant vaults for API keys, connector credentials and BYOK material.

Customer Data Controls

Opt-out of training, per-workspace retention and export policies.

Export & Deletion

Self-serve full data export and verifiable deletion on request.

Tenant Isolation

Row-level security, logical isolation and dedicated cloud options.

Security Controls

Defense in depth.

Guardrails at every layer of the stack.

Row Level Security

Every table enforces access at the database layer — defense in depth.

Role-Based Access

Fine-grained roles for users, agents, workflows and APIs.

Immutable Audit

Append-only, tamper-evident logs for every privileged action.

Rate Limiting

Per-user, per-IP and per-key limits with adaptive throttling.

DDoS Protection

Edge-layer mitigation across every region we serve.

Content Filtering

Configurable safety, PII detection and prompt-injection defenses.

Compliance

Ready for your auditors.

Aligned with the standards your legal and risk teams already require.

GDPR

EU data residency, DPA, and lawful-basis mapping across processing activities.

SOC 2 Type II

Continuous controls monitoring with an active audit program.

ISO 27001

Aligned ISMS with roadmap toward full certification.

HIPAA

BAA available for regulated healthcare workloads.

Privacy Controls

Consent management, data-subject requests and clear processing records.

Retention Policies

Configurable retention for chats, artifacts, embeddings and logs.

Governance

Manage AI at scale.

Reviews, monitoring, auditing and policy — visible and enforceable across the org.

Access Reviews

Periodic attestations for privileged roles and sensitive workspaces.

Security Monitoring

SIEM-ready event streams and anomaly detection across the platform.

Usage Auditing

Full traceability from prompt to model, agent, tool and output.

Policy Enforcement

Workspace-level policies for models, connectors, redaction and export.

Workspace Governance

Org-wide guardrails with team-level overrides and inheritance.