Security Policy

At Engisen, we employ cutting-edge cryptographic systems, continuous monitoring, and enterprise-grade infrastructure to ensure the highest level of security for your data and interactions.

1. Data Encryption

  • Transport: TLS 3.0 with forward secrecy and AEAD ciphers
  • Storage: AES-256-GCM encryption with hardware-encrypted key storage
  • Quantum Resistance: Lattice-based algorithms for forward secrecy

2. Secure Authentication

  • Zero-knowledge proof identity verification
  • Multi-factor authentication using WebAuthn and FIDO2 standards
  • Credential stuffing mitigation via behavioral analysis and rate limiting

3. Compliance & Certifications

  • ISO/IEC 27001 Information Security Management certified
  • GDPR, CCPA, and UCPA compliant by design and default
  • Annual third-party penetration testing (NIST SP 800-115 compliant)

4. Incident Response

Our response team operates 24/7 with playbooks aligned to NIST's Computer Security Incident Handling Guide. Breach notifications are automatically triggered within 24 hours via blockchain event logs and encrypted email.

5. Third-Party Security

  • Software Bill of Materials (SBOM) for all third-party components
  • Continuous dependency scanning with automated upgrade pipelines
  • Strict vendor security requirements aligned with MITRE ATT&CK framework

Security Inquiries

For security vulnerability reports or compliance inquiries, please use our secure reporting channel:

security@engisen.social