Trust center

Security you can verify.

MachineCert is built on the same security posture that LogMeOnce has maintained for over ten years. SOC 2 Type II, ISO 27001, HIPAA shared responsibility, GDPR-ready.

Talk to sales Read security architecture
Compliance and security

Posture you can audit.

01

SOC 2 Type II

Independent attestation of security, availability, and confidentiality controls. Renewed annually.

02

ISO 27001

Information security management aligned with ISO/IEC 27001. Certified annually.

03

HIPAA shared responsibility

Clear documentation of MachineCert's and customer's respective responsibilities under HIPAA.

04

GDPR-ready

DPA, subprocessors register, and data residency controls. EU customer data stays in the EU.

05

Least-privilege access

Read-only API access by default. Customer data is never used to train models or shared with third parties.

06

Penetration testing

Annual third-party penetration testing. Findings disclosed to customers under NDA.

Vulnerability disclosure

Responsible disclosure, real response.

Security researchers can report vulnerabilities through our coordinated disclosure program. Acknowledged within one business day. Resolved fast.

Report a vulnerability
Keep reading

Related

About

About MachineCert

Built by the team behind LogMeOnce.

Read more
Solution

Security teams

How security teams use MachineCert.

Read more
Enterprise

Enterprise

Self-hosted and dedicated SA options.

Read more

Verify the posture
for yourself.

Talk to sales Start free
Documentation packets available under NDA