piezas
security · trust by construction

The controls a review asks for are already wired.

Security isn't a sprint you defer — it's the platform's job. The same protections run under every app on Piezas, so generated code never touches raw credentials or another tenant's data.

/ the controls
01
Tenant isolation
Every record is scoped to a workspace at the data layer. Generated code can't reach another tenant's data — it's enforced beneath your app, not by it.
02
Mandatory MFA
TOTP is required across the console. There is no password-only path into an account.
03
Encrypted at rest
Secrets and provider OAuth tokens are encrypted with AES-256 and never enter application code — your app holds references, not credentials.
04
App-scoped API keys
Keys are bound to a single app and rotatable from the console. A leaked key can't roam across your other apps.
05
Immutable audit log
Every access and every change is recorded, tamper-evident, and exportable — the paper trail an enterprise buyer will ask for.
06
Instant offboarding
Remove a user and their sessions die immediately. No lingering tokens, no manual cleanup.
/ compliance

Designed to SOC 2 and ISO 27001 expectations.

The platform is built to the controls those frameworks require. SOC 2 certification is in progress — ask us for the current status and our latest report under NDA.

/ reach us

Security questions, or a vulnerability to report?

We answer both quickly. Contact us →