🔧This is a demonstration site — for demo purposes only. Ganexa-ArchNova is currently invite-only.

Security

Enterprise-grade security by design

Your enterprise architecture contains your most sensitive strategic data. We treat security as a foundational requirement, not a feature.

Security Practices

How we protect your data

Encryption everywhere

TLS 1.3 in transit, AES-256 at rest. Database-level encryption with customer-managed keys on Enterprise plans.

Zero-trust architecture

Every request is authenticated and authorised. No implicit trust between services. mTLS for all internal communication.

Data isolation

Each tenant's data is logically isolated at the database level. Enterprise plans offer dedicated database instances.

Access control

RBAC and ABAC with granular permissions. SSO via SAML 2.0 and OIDC. SCIM for automated user provisioning.

Audit trail

Every action logged with who, what, when, and why. Tamper-proof audit logs retained for 7 years on Enterprise plans.

Sovereign deployment

Deploy ArchNova in your own cloud, on-premises, or air-gapped. Your data never leaves your infrastructure.

Compliance Roadmap

Certifications and standards

StandardStatusTarget
SOC 2 Type IIIn progressQ1 2027
ISO 27001PlannedQ2 2027
GDPRCompliantNow
HIPAAPlannedQ3 2027
FedRAMPPlannedQ4 2027
CSA STARPlannedQ2 2027

Responsible Disclosure

Report a vulnerability

We welcome responsible security researchers. If you discover a vulnerability, please report it to security@ganexas.com. We commit to acknowledging reports within 24 hours and providing an initial assessment within 72 hours.

Contact Security Team