Security & Trust
How secure is the Mitigant Platform itself?
As a security platform, Mitigant takes its own security seriously:
Architecture:
- SaaS platform hosted in secure cloud infrastructure
- Agentless design minimizes attack surface
- API-based access with least-privilege principles
- BYOR (CAE) ensures customer-controlled security boundaries
Access Control:
- Role-based access control for team members
- Audit logging of all user actions
- Integration with identity providers
- Customers control access through their own IAM policies (CAE)
Data Handling:
- Attack telemetry and logs stored securely
- Compliance with data privacy regulations
- Data residency options available
Transparency:
- All actions logged in your CloudTrail/Azure Activity Logs
- No hidden permissions or backdoors
- Open documentation of required access
For detailed security architecture documentation, security questionnaires, or SOC 2 reports, please contact our team.
What about data privacy?
Mitigant's agentless approach enhances privacy:
What Mitigant Accesses:
- Cloud resource configurations
- IAM policies and permissions
- Network topology
- Service settings
- Kubernetes cluster configurations (KSPM)
- Only what you explicitly grant through BYOR (CAE)
What Mitigant Doesn't Access:
- Application data within workloads
- Customer data in databases
- File contents in storage
- Personal information
- Anything outside the role permissions you define (CAE)
During CAE Attack Emulations:
- Data exfiltration is simulated, not performed
- No actual customer data leaves your environment
- Attacks validate that access is possible rather than performing actual access




