Vexera Trust Center

Security &
Compliance

Vexera is built to protect your source code, scan results, and infrastructure credentials. Every layer of our platform is designed with security as the default.

Security Controls

View all 37 controls

Data Handling8

Zero-training policy with AI providers

EU data residency for primary storage

Automatic PII redaction

+5 more

Product Security10

Encryption at rest

Encryption in transit

No raw credentials in client state

+7 more

Infrastructure Security9

Network segmentation enforced

DDoS and WAF protection

Production access restricted to key personnel

+6 more

Operational Security10

Signed DPAs with all sub-processors

Incident response plan documented

Incident management procedures followed

+7 more

Subprocessors

View all

VendorPurposeData Region

Google Cloud

AI model inference for vulnerability analysis, confidential sandboxes, cloud hosting

dataforest GmbH

Cloud Hosting Provider

MongoDB, Inc.

Primary application database

Redis Ltd.

Job queue, caching, and session management

Cloudflare, Inc.

DDoS protection, WAF, domain management, and object storage (R2)

Resources

View all

How we collect, process, and protect personal data under GDPR

View

Data Processing Agreement

GDPR Article 28 DPA for when Vexera acts as processor

View

Security Controls

Technical and organizational measures protecting your data

View

Security &Compliance

Security Controls

Subprocessors

Resources

Security &
Compliance