Enterprise-Grade Security
Your data security is our top priority. We use industry-standard encryption and strict access controls to keep your cloud credentials safe.
Encryption at Rest & Transit
All sensitive data, including cloud credentials and user information, is encrypted using AES-256 encryption at rest. All data in transit is protected via TLS 1.3.
Least Privilege Access
We only request read-only permissions (Cost Explorer, Billing) by default. Write access is only requested for specific automated remediation features you explicitly enable.
SOC 2 Compliance
We are currently in the process of obtaining SOC 2 Type II certification to demonstrate our commitment to security, availability, and confidentiality.
Data Isolation
Customer data is logically isolated in our multi-tenant architecture. Enterprise plans offer the option for dedicated single-tenant environments.
Report a Vulnerability
If you believe you have found a security vulnerability in CloudCost Sage, please report it to us immediately. We offer a bug bounty program for responsible disclosure.
[email protected]