[{"data":1,"prerenderedAt":60},["ShallowReactive",2],{"content-\u002Fsecurity":3},{"id":4,"title":5,"body":6,"description":16,"extension":52,"meta":53,"navigation":54,"path":55,"seo":56,"sitemap":57,"stem":58,"__hash__":59},"content\u002Fsecurity.md","Security and Privacy — Venture360",{"type":7,"value":8,"toc":47},"minimark",[9,18,25,29,34,39],[10,11],"hero",{":stats":12,"accentText":13,"icon":14,"statsStyle":15,"subtitle":16,"title":17},"[{\"value\":\"SOC 1 & 2 Type II\",\"label\":\"Certified\"},{\"value\":\"Continuous\",\"label\":\"Compliance Monitoring\"},{\"value\":\"AES-256\",\"label\":\"Data Encryption\"}]","Privacy","shield-check","grouped","Security is at the heart of what we do. Helping our clients improve their security and compliance starts with our own.","Security and ",[19,20],"security-section",{":blocks":21,"title":22,"variant":23,"eyebrow":22,"subtitle":24},"[{\"title\":\"Security Principles\",\"numbered\":true,\"items\":[\"Access limited to legitimate business need, principle of least privilege\",\"Security controls layered per defense-in-depth\",\"Controls applied consistently across enterprise\",\"Implementation iterative, continuously maturing\"]},{\"title\":\"Compliance\",\"body\":\"Venture360 maintains a SOC 1 & 2 Type II attestation. Our SOC 1 & 2 Type II report is available upon request. Venture360 maintains compliance with SOC for Service Organizations.\",\"image\":\"\u002Fimages\u002Fsoc-badge.png\"}]","Governance","principles","Venture360's security team establishes policies and controls, monitors compliance with those controls, and proves our security and compliance to third-party auditors.",[19,26],{":blocks":27,"title":28},"[{\"title\":\"Data at rest\",\"icon\":\"database\",\"body\":\"All datastores are encrypted. Sensitive data is protected with field-level encryption to ensure maximum security even in the event of unauthorized access to storage systems.\"},{\"title\":\"Data in transit\",\"icon\":\"arrow-right-left\",\"body\":\"All data in transit is encrypted using TLS 1.2 or higher. HSTS is enforced across all endpoints. TLS certificates are automatically provisioned and renewed.\"},{\"title\":\"Secret management\",\"icon\":\"key-round\",\"body\":\"Application secrets and configuration are managed through secure environment variables scoped to each environment, with access restricted to authorized personnel only.\"}]","Data Protection",[19,30],{":blocks":31,"title":32,"variant":33},"[{\"title\":\"Penetration testing\",\"body\":\"Venture360 commissioned an independent third-party firm to conduct a penetration test of our platform. The assessment did not result in unauthorized access to our systems or data.\",\"items\":[\"Conducted by an independent third-party firm\",\"No unauthorized access achieved\"]},{\"title\":\"Authorization controls\",\"icon\":\"shield-check\",\"body\":\"Access control is enforced at the application layer through role-based authorization policies evaluated on every request. Each policy is backed by comprehensive automated test coverage, ensuring least-privilege access is applied consistently and that changes are verified before release.\",\"items\":[\"Role-based policy evaluated on every request\",\"Comprehensive automated test coverage\",\"Least-privilege access enforced consistently\",\"Changes verified before release\"]}]","Security Testing & Verification","grid",[19,35],{":blocks":36,"title":37,"variant":38},"[{\"title\":\"Endpoint protection\",\"icon\":\"monitor\",\"body\":\"All company devices are continuously monitored for security compliance using Vanta, which verifies that disk encryption, screen lock, operating-system updates, and OS-level malware protection are enabled and current across every device.\"},{\"title\":\"Security education\",\"icon\":\"book-open\",\"body\":\"Venture360 provides comprehensive security training to all employees. Every new hire attends a mandatory live onboarding session on key security principles, and all new engineers attend an additional session focused on secure coding practices.\",\"footer\":\"Venture360's security team shares regular threat briefings with employees to inform them of important security and safety-related updates that require special attention or action.\"},{\"title\":\"Identity and access management\",\"icon\":\"user-check\",\"body\":\"Venture360 employees authenticate to internal systems using unique, individual credentials, with multi-factor authentication enabled wherever the platform supports it. Access to each system is granted based on role and business need, and is promptly revoked upon an employee's departure.\"},{\"title\":\"Vendor security\",\"icon\":\"handshake\",\"body\":\"Venture360 takes a risk-based approach to evaluating vendors. Considerations include:\",\"items\":[\"Access to customer and corporate data, integration with production environments\",\"Sensitivity of data the vendor can access or process\",\"Use of subprocessors and fourth-party dependencies\",\"Potential damage to the Venture360 brand\"],\"footer\":\"Vendors with access to sensitive data or production environments receive additional scrutiny before adoption.\"}]","Endpoint Security & Access Management","list",[40,41],"call-to-action-section",{":badges":42,":buttons":43,"background":44,"subtitle":45,"title":46},"[{\"text\":\"SOC 1 & 2 Type II Certified\",\"icon\":\"shield\"},{\"text\":\"Continuous Monitoring\",\"icon\":\"clock\"},{\"text\":\"AES-256 Encryption\",\"icon\":\"lock\"}]","[{\"label\":\"Get in Touch\",\"href\":\"https:\u002F\u002Fcalendly.com\u002Fv360demo\u002Fventure360-get-in-touch\",\"variant\":\"primary\"}]","navy","Our security team is happy to discuss our practices and provide additional documentation for your review.","Questions about our security?",{"title":48,"searchDepth":49,"depth":50,"links":51},"",2,3,[],"md",{},true,"\u002Fsecurity",{"title":5,"description":16},{"loc":55},"security","3PmXXoNeYKkQGWW6Fdz12wRi920PTCCnpfaWNBg53Xg",1783968884441]