Skip to content
Back to Home
Legal & Trust Center

Security & Compliance

Built on the standards of Israeli Cyber Defense. We protect your IP as if it were our own.

Last Updated: November 2025

ISO 27001 & SOC 2

Our Operational Security (OpSec) aligns with ISO/IEC 27001 standards, common among Israeli defense-tech ecosystems.

ISO 27001 AlignedGDPR Ready

Zero-Trust IP Handling

We work within your VPC. Source code never touches our local machines without encryption and MDM enforcement.

  • Enforced via Apple Business Manager (MDM)
  • Biometric MFA on all Access Points

Secure Infrastructure

SIEMA leverages tier-1 cloud providers (AWS, GCP, Azure) with strict security configurations. We do not host your production data; our engineers connect directly to your secure environment via VPN.

  • VPC Isolation: Engineers connect via WireGuard/OpenVPN with mandatory 2FA.
  • Endpoint Protection: All workstations are equipped with SentinelOne or CrowdStrike EDR.
  • Data Residency: We respect data sovereignty. Customer data remains in its region of origin (e.g., EU-West-1, US-East-1).

Data Protection & Privacy

Encryption
AES-256 at rest. TLS 1.3 in transit. Keys managed via AWS KMS.
Access Control
Role-Based Access Control (RBAC) reviewed quarterly.
Compliance
Fully compliant with Israeli PPL 1981 and EU GDPR.

Personnel Vetting (The "8200 Standard")

Our vetting process goes beyond code. It includes rigorous background checks standard in the Israeli high-tech industry.

  • Identity Verification: Government ID validation for every engineer in Ukraine and Israel.
  • Background Checks: Criminal record and sanctions list screening.
  • NDA: Strict Non-Disclosure Agreements signed individually, enforceable in local courts.

Report a Vulnerability

Security is our DNA. If you believe you have found a security vulnerability in our platform, please report it to security@siema.tech. We acknowledge receipt within 24 hours.