Security
How CorePath keeps your data and your customers' data safe.
Last updated January 12, 2026
01Encryption
All data is encrypted in transit using TLS 1.2+ and encrypted at rest using AES-256. Sensitive secrets such as passwords are hashed with modern, salted algorithms and are never stored in plaintext.
02Infrastructure
CorePath runs on hardened, globally distributed cloud infrastructure with isolated environments, automated patching, and continuous monitoring. Backups are encrypted and tested regularly.
03Access controls
Workspaces support role-based access (Owner, Admin, Member). Internal access to production systems is restricted on a least-privilege basis, logged, and protected by multi-factor authentication.
04Application security
We follow secure development practices, including code review, dependency scanning, and protection against the OWASP Top 10. Public links, QR redirects, and forms are rate-limited and screened for abuse.
05Compliance
We align our practices with industry standards and support GDPR requirements. A Data Processing Agreement is available for customers who need one.
06Reporting a vulnerability
We welcome responsible disclosure. If you believe you have found a security issue, please contact our team so we can investigate and respond promptly.