Security

Security Overview

Last reviewed: July 2026

How Cerbi protects cerbi.io, the CerbiShield control plane, and the CerbiStream SDK.

Security by architecture

The architecture is the security model

Cerbi's core security property is that customer log data never leaves the customer's environment. CerbiStream runs inside your application process. CerbiShield runs inside your Azure tenant. There is no Cerbi-hosted data plane between your application and your observability tools.

Your data stays in your tenant

No network calls on the log hot-path

Policies live in your version control

RBAC and audit log included

Technical and organizational controls

Controls in place today

Encryption in transit

All traffic to and from cerbi.io is served over TLS 1.2+. CerbiStream SDK communication uses TLS for any optional telemetry paths. Data at rest inside customer Azure tenants is encrypted using Azure-managed or customer-managed keys.

Tenant isolation

CerbiShield deploys entirely inside the customer’s own Azure subscription. No customer log data, governance metadata, or audit records are stored on Cerbi infrastructure. Each deployment is fully isolated from other customers.

No hot-path network dependency

CerbiStream enforces governance rules in-process, in memory. Log emission does not make network calls to Cerbi or any external endpoint. There is no runtime dependency that could increase latency or create an availability risk.

Role-based access control

CerbiShield includes RBAC for the governance dashboard and policy editor. Access is managed through the customer’s Azure Active Directory. Cerbi support staff do not have standing access to any customer tenant.

Policy version control

Governance profiles are JSON files checked into your source repository alongside application code. Policy changes go through the same code review and CI process as application changes. There is no out-of-band configuration surface.

Audit log

CerbiShield generates an immutable audit log of all policy changes, rule deployments, violation events, and dashboard access. The audit log is stored in the customer’s tenant and is required for SOC 2 and HIPAA audit trail requirements.

Dependency security

Dependencies are tracked across all CerbiStream SDK packages (.NET, Python, Java, Go, Node.js). We use automated tooling to detect known CVEs and publish patched releases promptly.

Incident response

We maintain an incident response process. Security incidents affecting customer data or the cerbi.io website are communicated to affected customers within 72 hours of discovery, consistent with GDPR breach notification requirements.

Compliance alignment

How Cerbi supports compliance requirements

The items below describe how CerbiStream and CerbiShield's capabilities align with common compliance frameworks. This is not a certification claim. Cerbi is not currently SOC 2 or ISO 27001 certified; those certifications are on the roadmap. Contact us for the current audit evidence package.

GDPR

Cerbi’s in-tenant deployment model helps customers satisfy GDPR Art. 25 (data protection by design) and Art. 32 (security of processing). Governance policies can be scoped to redact or block personal data at log emission time, before it can reach any processor or storage system.

SOC 2 Type II

CerbiShield’s RBAC, audit log, and policy version control capabilities provide evidence for CC6.1 (logical access), CC7.2 (system monitoring), and CC9.2 (vendor management) criteria. CerbiShield is not itself SOC 2 certified at this time; certifications are on the roadmap.

HIPAA

CerbiStream can enforce governance rules that block PHI fields from appearing in application logs before they reach any downstream system. CerbiShield’s audit log supports the HIPAA audit controls requirement. Cerbi will execute a Business Associate Agreement (BAA) for covered entity customers upon request.

PCI DSS

CerbiStream can enforce Forbidden rules on card number fields, CVV fields, and token fields at log emission time, consistent with PCI DSS Requirement 3 (protect stored cardholder data) and Requirement 10 (log and monitor all access to system components). CerbiShield deployment into an isolated tenant supports network segmentation requirements.

ISO 27001

CerbiShield’s governance model aligns with ISO 27001 controls A.8 (information asset management), A.9 (access control), and A.12 (operations security). Cerbi is not itself ISO 27001 certified at this time; this is on the roadmap.

Vulnerability disclosure

Reporting a security issue

If you believe you have found a security vulnerability in cerbi.io, CerbiShield, or any CerbiStream SDK, please report it responsibly via email. Do not open public GitHub issues for security vulnerabilities.

security@cerbi.io

PGP key available on request

Our commitment to reporters:

Acknowledgment within 2 business days
Initial severity assessment within 5 business days
No legal action against good-faith security researchers
Credit in our security changelog upon request (after fix is shipped)

cerbi.io website

Website security posture

HostingVercel (SOC 2 Type II, ISO 27001 certified infrastructure)
TLSTLS 1.2+ enforced. Automatic certificate provisioning via Vercel.
HTTP headersStrict-Transport-Security, X-Content-Type-Options, X-Frame-Options, Referrer-Policy enforced via Vercel Edge Network.
Content Security PolicyCSP header configured to restrict script-src, style-src, and frame-src to known safe origins.
AnalyticsGA4 and Microsoft Clarity are loaded only after explicit cookie consent. Neither script is included in the page load by default.
Dependenciesnpm and NuGet dependencies are tracked via automated tooling. Dependabot alerts are reviewed and patched on a rolling basis.

[ cerbi ] · Start now

One NuGet package. No pipeline changes. Policy-as-code governance that runs in-process before sensitive data ever reaches Splunk, Datadog, or Azure Monitor.

14-day free trial/No credit card/Works with Serilog · NLog · MEL
Security Overview | Cerbi