buildvia.ai
Security

Security at every layer.

buildvia.ai runs in production for some of the most regulated Salesforce orgs on the planet. Here’s how we keep them safe — and how you can verify every claim on this page.

Encryption

Customer data is encrypted in transit and at rest, with separate keys per tenant.

  • TLS 1.3 in transit
  • AES-256-GCM at rest
  • Per-tenant KMS keys
  • Annual key rotation

Identity & access

Your directory owns your users. We just check the token.

  • SAML / OIDC SSO (Okta, Entra, Google)
  • SCIM provisioning
  • Role-based access & per-org scopes
  • Optional WebAuthn / hardware keys

Managed package trust layer

buildvia.ai ships as a code-signed Apex managed package — your security team can audit, scope, and revoke at any time.

  • Code-signed by Salesforce
  • Permission boundary you control
  • Production starts read-only
  • Salesforce-Hosted MCP (no third-party network)

Audit & observability

Every action is attributable, immutable, and exportable.

  • Per-user, per-org audit log
  • SIEM export (Splunk, Datadog, Panther)
  • Retention 30d / 1y / 7y by plan
  • Tamper-evident log signatures

Infrastructure

Hardened cloud infrastructure with region pinning for regulated workloads.

  • AWS · us-east-1 / us-west-2 / eu-west-1 / ap-southeast-2
  • Per-customer data plane on Enterprise
  • VPC isolation & least-privilege IAM
  • Quarterly penetration testing

Vulnerability management

We patch fast and assume the worst.

  • Dependency scanning on every PR
  • Critical CVEs patched in <48h
  • Public bug bounty program
  • responsible-disclosure@buildvia.ai

Independently verified.

SOC 2 Type II · ISO 27001 (in flight) · GDPR · CCPA

SOC 2 Type II · ISO 27001 · GDPR · CCPA · HIPAA-ready

Need the full security pack?

SOC 2 report, pen-test summary, DPA, sub-processor list — all available to your security team on request.