Bank-Grade Security for Your Fund Data
Heracles is built with security as the foundation, not an afterthought. Your sensitive financial data is protected by the same security standards used by the world's leading financial institutions.
SOC 2 Type II
Independently audited security controls
Valid through Dec 2026
ISO 27001
Information security management
Valid through Mar 2027
GDPR
EU data protection regulation
Continuous compliance
CCPA
California privacy rights
Continuous compliance
Security Architecture
Multi-Layered Protection
Zero-Trust Architecture
Every request is authenticated and authorized, regardless of origin. No implicit trust, ever.
- Continuous verification
- Least privilege access
- Micro-segmentation
End-to-End Encryption
Your data is encrypted at every stage - at rest, in transit, and during processing.
- AES-256 encryption
- TLS 1.3 in transit
- HSM key storage
Continuous Monitoring
24/7 security operations center with AI-powered threat detection and response.
- Real-time alerting
- Anomaly detection
- Automated response
Security Features
Comprehensive Protection
Data Encryption
Encryption at Rest
AES-256 encryption for all stored data
Encryption in Transit
TLS 1.3 for all network communications
Key Management
Hardware Security Modules (HSM) for key storage
BYOK Support
Bring Your Own Key for enterprise clients
Access Control
Multi-Factor Authentication
TOTP, SMS, and hardware key support
SSO Integration
SAML 2.0, OAuth 2.0, OIDC support
Role-Based Access
Granular permission management
IP Whitelisting
Restrict access by IP address or range
Infrastructure
Private Cloud
Dedicated infrastructure available
Multi-Region
US, EU, APAC data centers
99.99% SLA
Enterprise uptime guarantee
DDoS Protection
Layer 3-7 attack mitigation
Monitoring
24/7 SOC
Security Operations Center monitoring
Threat Detection
AI-powered anomaly detection
Audit Logging
Complete activity audit trail
Incident Response
4-hour response SLA for critical issues
Data Privacy
Your Data, Your Control
We believe in complete transparency about how your data is handled. You maintain full control over your information at all times.
No Training on Your Data
Your documents are never used to train our AI models
Data Retention Control
Configure how long we keep your data - you decide
Complete Data Export
Export all your data anytime in standard formats
Right to Deletion
Request complete deletion of all your data
Data Location Choice
Choose where your data is stored (US, EU, APAC)
Data Processing
Encrypted TLS 1.3 transfer
Isolated secure environment
AES-256 encrypted at rest
Multi-factor authenticated
Incident Response
Rapid Response Protocol
In the unlikely event of a security incident, our dedicated security team follows a rigorous response protocol to protect your data.
<15 min
Detection Time
<1 hr
Initial Response
<4 hrs
Resolution SLA
24/7
SOC Coverage
Response Stages
Detection
Automated monitoring detects anomaly
Assessment
Security team evaluates severity
Containment
Isolate affected systems
Remediation
Fix vulnerability and restore
Communication
Notify affected customers
Security Testing
Continuously Tested & Verified
Automated Scanning
Daily vulnerability scans across all infrastructure
Penetration Testing
Third-party ethical hackers test our defenses
Bug Bounty Program
Crowdsourced security researchers report vulnerabilities