Security
Security is built into every layer of the Aenex platform.
Protecting your data is foundational to everything we build. From infrastructure and encryption to access controls and AI safety, we follow industry best practices to keep your workspace secure.
Infrastructure
- Hosted on SOC 2 Type II certified cloud providers (GCP and AWS)
- Multi-region deployment for availability and disaster recovery
- Content delivery network (CDN) for low-latency global access
- Encrypted block storage with automated replication
Encryption
- All data in transit encrypted with TLS 1.3
- All data at rest encrypted with AES-256
- Encrypted database backups with separate key management
- HTTPS enforced for all API and web connections
Authentication
- Passwords stored as salted bcrypt hashes (never plain text)
- Session tokens managed with HTTP-only, secure cookies
- Plannorium SSO for workspace authentication
- Multi-factor authentication (MFA) on our roadmap
- SCIM provisioning planned for enterprise workspaces
Access Control
- Role-based permissions: Owner, Admin, Editor, Viewer, Guest
- Granular workspace-level access controls
- Shareable links with view or edit permissions
- Guest access for external collaborators
- Audit trail of all permission changes
Monitoring and Detection
- 24/7 automated threat monitoring and anomaly detection
- Real-time logging of authentication events and API access
- Rate limiting and brute-force protection on login endpoints
- Automated alerts for suspicious account activity
- Quarterly penetration testing by independent third parties
Backups and Recovery
- Automated daily backups of all workspace data
- Cross-region backup replication for disaster recovery
- Point-in-time recovery capability
- Encrypted backup storage with restricted access
- Regular backup restoration testing
AI Security
- AI requests transmitted over encrypted channels only
- Strict workspace isolation — no cross-workspace data leakage
- AI providers contracted to not train on your data
- Configurable AI provider selection (Groq or Gemini)
- Prompt and response data stored within your workspace boundary
Report a Security Vulnerability
We take security vulnerabilities seriously. If you believe you have discovered a security issue, please report it responsibly.
Email our security team at support@plannorium.com with details about the issue. We will acknowledge receipt within 48 hours and work with you to address the finding promptly.
We maintain a responsible disclosure policy and will publicly acknowledge verified security researchers who report issues in accordance with our guidelines.
Continuous Improvement
Security is never a finished effort. We regularly update our practices to address emerging threats. Our program includes quarterly penetration testing, dependency scanning, automated security checks in CI/CD, and ongoing security training for our team. We also maintain a bug bounty program for independent researchers.

