Home / About / Security

Security posture

How we protect your data and your IP

Audited annually. Encrypted at rest and in transit. Per-program access controls. Continuous monitoring of operators and infrastructure.

SOC 2
Type II audited
ISO 27001
Certified 2025
Continuous
Third-party audit
Overview

Two layers of control, both audited

Security at Roborax operates on two layers: the platform (infrastructure, encryption, access) and the operators (vetting, NDAs, monitoring). Both are audited by independent third parties. Reports are available under NDA to active and prospective customers.

For surgical, defense, and ITAR-restricted work, additional controls apply per program. Clearance-eligible operators, air-gapped collection environments, and per-session audit trails are all standard for those engagements.

Data handling

How your data moves through Roborax

Per-program access controls. Encrypted throughout. Deleted on demand.

LAYER 01

Encryption

AES-256 at rest. TLS 1.3 in transit. Per-program keys held in a hardware-backed KMS.

LAYER 02

Access control

Per-program ACLs. Least-privilege enforced via SSO. Operators see only the program they’re assigned to.

LAYER 03

Retention

Your data is yours. Deletion on demand, no archive copies. Default retention is project lifetime.

LAYER 04

Audit logging

Every data access logged with operator, timestamp, and session ID. Logs retained for the program duration plus 12 months.

Operator security

The people side of the data

Operators are vetted, contracted per program, and monitored during sessions.

CONTROL 01

Background checks

All operators undergo background checks before joining the network. Re-verified annually.

CONTROL 02

Per-program NDA

Signed before any program access. NDA terms negotiated per customer.

CONTROL 03

Clearance available

ITAR-eligible US citizen operators and HIPAA-trained clinicians available for restricted programs.

CONTROL 04

Session monitoring

Operator behavior during sessions monitored in real time. Anomalies flagged automatically.

What our partners say
Their SOC 2 report and per-program NDA template were what unlocked our procurement review. We had been blocked for eight weeks. Roborax turned that around in three days.
Priya Nadkarni
CISO, Andesite AI

Need our SOC 2 report?

security@roborax.ai gets you the report and audit history within one business day.