Security
controls
Identity, authorization, audit, and data handling, described in the terms you would use to test them. The gaps we have not closed yet are on this page too. Ask us to show the evidence behind any line.
24
Individual permissions
3
Audit logs (changes · sign-ins · security)
∞
Audit retention when self-hosted
0
Times self-hosted calls home per request
Controls that ship today
Named in product terms, in the order a security review tends to walk them.
Identity & access
Sign in with a password or your identity provider (SAML and OIDC single sign-on). Multi-factor authentication with authenticator apps, SMS, or recovery codes. Sensitive actions ask users to confirm their identity again. Logins can be restricted to the network ranges you choose.
Authorization model
24 individual permissions. Build custom roles from them, and scope an agent to specific teams. Platform operators are a separate system from your workspace roles entirely.
Audit & monitoring
Three separate logs: what changed, who signed in, and security events. Retention runs from 7 days to 12 months by add-on, and is unlimited when self-hosted. Stream every event to Splunk, Datadog, or whatever your security team already runs.
GDPR erasure & access
Erase a person's data in one step, keeping a cryptographic proof instead of the identity (Article 17). Export every record a person produced when they file an access request (Article 15). Both actions are audited, and both have documented APIs.
Secret handling
Sign-on credentials, license keys, and integration tokens are encrypted at rest and never displayed in the admin UI. Each can be rotated per environment.
Data isolation
Application queries are scoped to your organization. Organization deletion first enters a restricted, restorable retention period; permanent purge removes the organization-owned records after that recovery window. Attachments are restricted by file type, and can be scanned for malware against a ClamAV daemon.
Self-hosted privacy
The self-hosted edition runs with no internet connection at all, and telemetry is off unless you turn it on. Your data stays inside your network.
How we run the service
Operational practice, not product surface: the CI gates, the disclosure policy, and the monitoring stack behind the controls above.
Dependency and vulnerability management
Production dependencies are audited for high-severity advisories in CI on every change, alongside CodeQL static analysis. Dependencies are updated on a regular cadence rather than on incident.
Secure development
Every change passes an automated gate of type checks, lint, and the unit and integration test suites before it can merge. Security-sensitive areas (auth, permissions, rate limits, audit) carry dedicated test suites.
Logging and monitoring
Application errors are captured with alerting, and the platform exposes health and metrics endpoints we watch in the managed cloud. Security events land in the same audit stream customers can export.
Incident response and disclosure
Report vulnerabilities to security@eventier.io. We follow coordinated disclosure with a standard 90-day window and will credit reporters who want it. Customer-affecting incidents are communicated directly.
What stays in your hands
A security review needs both sides of the responsibility line. These are the parts your team owns.
Identity provider configuration
You own the SSO connection and its policies: which users can authenticate, MFA enforcement at the IdP, and deprovisioning through SCIM.
Role design
Custom roles are built from individual permissions. Granting them well, and scoping agents to the right teams, is workspace configuration you control.
Retention settings
Audit retention, data-erasure requests, and export cadence are workspace settings. Pick the retention window your compliance posture requires.
Self-hosted operations
On the self-hosted edition you run the infrastructure: backups, network controls, TLS termination, OS patching, and the database. The signed license and update artifacts come from us; the perimeter is yours.
Need it on your own infrastructure?
Enterprise self-hosting: runs on your Kubernetes cluster with a signed license, even fully offline. Bring your own AI or turn it off. $20/agent/mo.