Enterprise-grade security built into every layer of our infrastructure.
Our data centers are located in Morocco, providing physical security and data sovereignty. We employ multi-layered network security with DDoS protection, intrusion detection, and continuous monitoring.
All data is encrypted in transit using TLS 1.3 and at rest using AES-256 encryption. API keys are hashed and never stored in plaintext. We support customer-managed encryption keys for enterprise plans.
We maintain SOC 2 Type II certification, CNDP compliance, and GDPR alignment. Regular third-party audits validate our security posture and data handling practices.
Zero-trust architecture with role-based access control (RBAC). Multi-factor authentication for all administrative access. Comprehensive audit logging for all API and system operations.
We maintain a 24/7 incident response team. Security incidents are communicated transparently within 72 hours per GDPR requirements. We conduct regular disaster recovery and business continuity testing.
We welcome security researchers to report vulnerabilities. Please contact security@moor.ai with details. We commit to acknowledging reports within 48 hours and providing updates on remediation progress.