Security
How we handle access and data
Authentication is delegated to Seqlense SSO. Sessions are opaque, HttpOnly cookies. Data is scoped per organization at every layer.
Access
- Single sign-on via auth.seqlense.com, no separate password for GDPR.
- Users only ever see their own organization's sites, vendors and scans.
- Dashboard access is gated by an active GDPR subscription.
Data
- Control-plane data (accounts, sites, vendor registers) lives in a managed relational database.
- Scan data (network requests, third-party hits) lives in a dedicated analytics store, partitioned by month.
- Hosted in Europe, operated in-house.
Reporting a vulnerability
Please write to [email protected].