Security
Security is the product.
Private market data is among the most sensitive in finance. Our security model is built for that reality, from the ground up.
SOC 2 Type II
Certification in progress. Independently audited controls across security, availability, and confidentiality.
ISO 27001 aligned
Information security management system designed against ISO 27001 controls.
Encryption everywhere
TLS 1.3 in transit and AES-256 at rest, with customer-managed keys available.
Regional residency
Data hosted in EU and UK regions with strict tenant isolation.
Least privilege
Granular RBAC, SSO, SCIM, and full audit logging of every action.
Responsible disclosure
We welcome security researchers — see our policy at security.txt.
Nocleode operates a defence-in-depth security programme that spans organisational, application, and infrastructure controls. Our engineering practices include peer code review, automated dependency scanning, secret management, and continuous monitoring.
We are currently pursuing SOC 2 Type II certification and have aligned our controls with ISO 27001 standards. To discuss our security practices, request documentation, or explore bespoke security requirements, contact security@nocleode.com.