Security by
design and default.
SOC 2 Type II
Independently audited annually. Reports available on request under NDA.
Encryption
AES-256 at rest. TLS 1.3 in transit. Customer-managed keys on Enterprise.
SSO & SCIM
SAML SSO with all major IdPs. SCIM 2.0 user provisioning.
Data residency
Choose US, EU, or APAC for primary data storage.
Audit logs
Tamper-evident logs of every privileged action, exportable on demand.
Vulnerability program
Continuous pen-testing and a public bug bounty for researchers.
Responsible disclosure
Found something?
Tell us.
We pay competitive bounties for verified vulnerabilities. Report to security@lepta.app with PGP.