Security
Security Overview
Last reviewed: July 2026
How Cerbi protects cerbi.io, the CerbiShield control plane, and the CerbiStream SDK.
Security by architecture
The architecture is the security model
Cerbi's core security property is that customer log data never leaves the customer's environment. CerbiStream runs inside your application process. CerbiShield runs inside your Azure tenant. There is no Cerbi-hosted data plane between your application and your observability tools.
Your data stays in your tenant
No network calls on the log hot-path
Policies live in your version control
RBAC and audit log included
Technical and organizational controls
Controls in place today
Encryption in transit
All traffic to and from cerbi.io is served over TLS 1.2+. CerbiStream SDK communication uses TLS for any optional telemetry paths. Data at rest inside customer Azure tenants is encrypted using Azure-managed or customer-managed keys.
Tenant isolation
CerbiShield deploys entirely inside the customer’s own Azure subscription. No customer log data, governance metadata, or audit records are stored on Cerbi infrastructure. Each deployment is fully isolated from other customers.
No hot-path network dependency
CerbiStream enforces governance rules in-process, in memory. Log emission does not make network calls to Cerbi or any external endpoint. There is no runtime dependency that could increase latency or create an availability risk.
Role-based access control
CerbiShield includes RBAC for the governance dashboard and policy editor. Access is managed through the customer’s Azure Active Directory. Cerbi support staff do not have standing access to any customer tenant.
Policy version control
Governance profiles are JSON files checked into your source repository alongside application code. Policy changes go through the same code review and CI process as application changes. There is no out-of-band configuration surface.
Audit log
CerbiShield generates an immutable audit log of all policy changes, rule deployments, violation events, and dashboard access. The audit log is stored in the customer’s tenant and is required for SOC 2 and HIPAA audit trail requirements.
Dependency security
Dependencies are tracked across all CerbiStream SDK packages (.NET, Python, Java, Go, Node.js). We use automated tooling to detect known CVEs and publish patched releases promptly.
Incident response
We maintain an incident response process. Security incidents affecting customer data or the cerbi.io website are communicated to affected customers within 72 hours of discovery, consistent with GDPR breach notification requirements.
Compliance alignment
How Cerbi supports compliance requirements
The items below describe how CerbiStream and CerbiShield's capabilities align with common compliance frameworks. This is not a certification claim. Cerbi is not currently SOC 2 or ISO 27001 certified; those certifications are on the roadmap. Contact us for the current audit evidence package.
GDPR
Cerbi’s in-tenant deployment model helps customers satisfy GDPR Art. 25 (data protection by design) and Art. 32 (security of processing). Governance policies can be scoped to redact or block personal data at log emission time, before it can reach any processor or storage system.
SOC 2 Type II
CerbiShield’s RBAC, audit log, and policy version control capabilities provide evidence for CC6.1 (logical access), CC7.2 (system monitoring), and CC9.2 (vendor management) criteria. CerbiShield is not itself SOC 2 certified at this time; certifications are on the roadmap.
HIPAA
CerbiStream can enforce governance rules that block PHI fields from appearing in application logs before they reach any downstream system. CerbiShield’s audit log supports the HIPAA audit controls requirement. Cerbi will execute a Business Associate Agreement (BAA) for covered entity customers upon request.
PCI DSS
CerbiStream can enforce Forbidden rules on card number fields, CVV fields, and token fields at log emission time, consistent with PCI DSS Requirement 3 (protect stored cardholder data) and Requirement 10 (log and monitor all access to system components). CerbiShield deployment into an isolated tenant supports network segmentation requirements.
ISO 27001
CerbiShield’s governance model aligns with ISO 27001 controls A.8 (information asset management), A.9 (access control), and A.12 (operations security). Cerbi is not itself ISO 27001 certified at this time; this is on the roadmap.
Vulnerability disclosure
Reporting a security issue
If you believe you have found a security vulnerability in cerbi.io, CerbiShield, or any CerbiStream SDK, please report it responsibly via email. Do not open public GitHub issues for security vulnerabilities.
security@cerbi.io
PGP key available on request
Our commitment to reporters:
cerbi.io website
