How XSEE protects your environment and your data.
Audit underway. Expected completion Q3 2026. Report available under NDA upon request.
Cloud Security Alliance self-assessment. Submission in progress.
Data Processing Agreement available on request. EU data handling compliant.
Hosted on AWS us-east-1. AES-256 encryption at rest and in transit.
You create the role. XSEE never writes to your environment. No resource creation, modification, or deletion — ever.
Zero footprint inside your infrastructure. Nothing running in your workloads. Nothing installed on your instances.
XSEE assumes your role only during active scans. Sessions expire automatically. No persistent access to your account.
XSEE reads AWS API metadata only — resource IDs, policies, relationships. No file contents, no PII, no workload data.
No automated write actions without explicit CISO approval. Every change cryptographically logged to approving identity.
Report vulnerabilities to security@xsee.io. We provide 48-hour acknowledgement on all reports and target 7 days to remediate or publish a mitigation plan for critical issues.
SOC 2 Type II report available under NDA. DPA available upon request for GDPR compliance.