Security & Compliance

Security is not just what RedCloud scans for — it is how the platform itself is built. This section documents the platform’s own security posture for your security and procurement teams.

In this section

• Platform Security — secure-by-default principles, authentication, and authorization.
• Architecture — components, data flow, and trust boundaries.
• Tenant Isolation — how data is kept strictly separated per tenant.
• Data Handling — what data is collected, where it is stored, and retention.

Secure by default

RedCloud is built on non-negotiable principles: secure defaults with no silent downgrade, tenant isolation as an invariant, least privilege everywhere, governed break-glass access, and fail-fast startup that refuses to run in an unsafe configuration.

Tip

Procurement or security reviewing RedCloud? The Architecture and Tenant Isolation pages are written for exactly that audience.