Trust & Security

Security is not a feature. It's our foundation.

Built for financial services teams who can't afford to compromise. Independently audited, single-tenant, and governed by policies your legal team can review.

Request Security Documentation View FAQ →

SOC 2 Type I Certified

Report available under NDA

Single-Tenant AWSACTIVE

Dedicated infrastructure per customer

AES-256 + TLS 1.2+ACTIVE

End-to-end encryption

Cyber InsuranceACTIVE

Underwritten by State National

Secure SDLCACTIVE

Security gates at every deploy

Compliance & Certifications

The certifications that matter to your procurement team.

CERTIFIED

SOC 2 Type I

Independently audited security controls across availability, confidentiality, and privacy trust service criteria.

ACTIVE

AES-256 + TLS 1.2+

All data encrypted at rest with AES-256 and in transit with TLS 1.2 or higher. Per-tenant key management.

ACTIVE

Single-Tenant AWS

Dedicated infrastructure per customer. No shared compute, no shared storage, no resource co-location.

ACTIVE

Cyber Insurance

Cyber liability coverage underwritten by State National. Available for review under NDA.

ACTIVE

Secure SDLC

Security requirements built into every development phase. Code review, dependency scanning, and pre-deployment security gates.

Infrastructure

Built for the security requirements of financial services.

Single-tenant deployment, AES-256 encryption, and immutable audit logging. By default, not as an add-on.

Single-Tenant Infrastructure

Every customer runs on dedicated infrastructure. Your data is never co-located with another organization's. No shared compute, no shared storage.

End-to-End Encryption

All data encrypted at rest (AES-256) and in transit (TLS 1.2+). Encryption keys are managed per-tenant and never shared across accounts.

Role-Based Access Controls

Granular permissions tied to individual roles and responsibilities. Admins control who can view, edit, and act on sensitive data at the field level.

Full Audit Trails

Every action is logged with timestamps, user context, and outcome: AI decisions, human reviews, data access. Immutable and exportable.

Vulnerability Management

Regular dependency scanning, CVE monitoring, and patch SLAs. Critical vulnerabilities patched within 24 hours.

Incident Response

Documented IR plan with defined escalation paths and customer notification SLAs.

Data Residency

Customer data stored in US-based AWS regions. No cross-border data transfer without explicit consent.

Employee Security

Background checks, security training, and signed NDAs for all personnel with data access.

Common Questions

Security & compliance FAQ.

Direct answers to what compliance officers, CISOs, and legal teams ask before deploying AI in a regulated environment.

Yes. Unlimited holds a SOC 2 Type I certification, independently audited for security, availability, confidentiality, and privacy trust service criteria. The full report is available under NDA to enterprise prospects and customers.

Security Inquiries

Still have questions?

Our security team responds within one business day. For pen test reports, DPA requests, or compliance documentation, include your organization name and use case.

devs@unlimited.finance

For Procurement Teams

Ready to complete your security review?

Our security team typically completes vendor questionnaires and provides required documentation within 5 business days.

Start Your Security Review

What's included

SOC 2 Type I report (under NDA)

Security policies — all thirteen (under NDA)

Data Processing Agreement (DPA)

Subprocessor list

Standard security questionnaire responses (CAIQ, SIG Lite)

Cyber insurance certificate