Security at Nexli
Last updated: January 12, 2025
Protecting customer data is foundational to Nexli. This page summarizes the safeguards we maintain across infrastructure, product, and operational domains. For diligence requests or a copy of our latest security documentation, email security@nexli.ai.
Infrastructure
- Hosted on hardened cloud infrastructure with network segmentation and least-privilege access controls.
- Continuous monitoring, automated patching, and backup verification for critical services.
- Encryption in transit (TLS 1.2+) and encryption at rest for databases, object storage, and secrets.
Product Safeguards
- Role-based access control (RBAC) with per-company data isolation enforced through row-level security.
- Granular audit logging for administrative actions, document ingestion, and agent conversations.
- Customer-controlled retention and deletion workflows, including hard-delete options for uploaded content.
Operational Practices
- Background checks and security training for employees with production access.
- Multi-factor authentication and hardware security keys required for administrative tools.
- Documented incident response runbooks with 24/7 on-call coverage and customer notification procedures.
Compliance & Assessments
We align with SOC 2 control families and complete annual penetration testing with remediation tracking. Custom assessments and data processing agreements are available for enterprise plans.
Responsible Disclosure
If you believe you have discovered a security vulnerability, notify us at security@nexli.ai. Include steps to reproduce so we can investigate promptly. We ask that you do not publicly share findings until we resolve the issue.