Tensor is built for teams that gatekeep enterprise deals. Our security posture is engineered to meet the bar of the customers we serve.
Tensor is SOC 2 Type II certified and ISO 27001 certified. Audit summaries and our most recent SOC 2 report are available under NDA — request a copy from your account contact or contact@tensorcompliance.com.
Every integration Tensor offers is read-only by default. We do not require write access to evaluate your controls. Where a specific capability requires write scope, you opt in explicitly and may revoke at any time.
Customer data is encrypted in transit (TLS 1.2+) and at rest (AES-256). Integration credentials are stored in a hardware-backed key management system and never in plaintext.
Customer environments are logically isolated with strict tenant boundaries enforced at the application and database layers. Data does not cross tenant boundaries.
Access to production systems is least-privilege and MFA-enforced. All access is logged, reviewed quarterly, and revoked promptly on role change or departure.
We engage independent penetration testers on a recurring basis. Summaries are available on request and remediation timelines are tracked in our public-facing trust posture.
An up-to-date list of sub-processors is available on request. We notify customers in advance of material sub-processor changes.
We welcome reports from the security community. Please email contact@tensorcompliance.com with details. We will respond within one business day.