Security is the product.
Security is also the practice.

CYBEREYE is built by vCISOs. We hold ourselves to the same standard we audit our customers against.

Architecture

Read-only by default. Zero-retention by design.

Every integration is OAuth, scoped to read-only. We never ingest source data we don’t need. All LLM calls run under a zero-retention contract — your prompts and responses are never used to train models.

Data residency

Israel + EU regions. Your choice, your contract.

Pick il-central-1 (Israel) or eu-central-1 (Frankfurt) at signup. Data never crosses regions without your explicit configuration. US data residency available for enterprise tier.

Encryption

In transit. At rest. Always.

TLS 1.3 in transit. AES-256-GCM at rest. Per-tenant data encryption keys, rotated automatically every 90 days. Customer-managed keys (CMK) available on enterprise.

Access controls

Zero trust. MFA. IP allowlists.

Every login requires MFA. Granular role-based access control with least-privilege defaults. Optional IP allowlists per workspace. SSO via Microsoft Entra, Google Workspace, and WorkOS coming Q3.

Compliance

GDPR today. SOC 2 + ISO 27001 in flight.

GDPR compliant from day one. SOC 2 Type 1 audit scheduled Q4 2026. ISO 27001 certification in progress with target completion Q1 2027. DPA available on request.

Sub-processors

The full list. Always current.

Provider	Use	Region
Amazon Web Services	Compute, storage	eu-central-1 (Frankfurt) / il-central-1
Supabase	Auth + Postgres	Frankfurt
Vercel	Web hosting	EU edge
Anthropic	LLM inference	US — zero-retention contract
Cloudflare	DDoS, WAF	Global edge

Download as JSON or PDF.

Bug bounty program

Public bounty launching alongside SOC 2. Until then, responsible disclosure via security@cybereye.co.il earns recognition, swag, and our gratitude.

security@cybereye.co.il

Security is the product.Security is also the practice.