Skip to main content

Security & Compliance

Last updated: December 9, 2025

Our Security Commitment

At BrainPredict, security is our top priority. We implement industry-leading security measures to protect your data across all 16 platforms and 445 AI models. Our zero-knowledge architecture ensures that your business data never leaves your premises.

Platforms Protected:

Commerce (20)Supply (22)People (27)Sales (26)Marketing (26)Legal (31)Risk (25)Finance (35)Innovation (28)Controlling (32)Communications (30)Data (29)Strategy (28)Sourcing (26)Operations (32)Customer (28)

Latest Cybersecurity Audit Results

Grade A+ (100%)

Perfect Security Score - Server Clean

Latest Audit: December 9, 2025 (08:47 UTC)

🛡️

0

Malware Found

0

C2 Connections

0

Failed Logins Today

100%

Services Online

Server fully secured. Zero malware processes, no unauthorized connections, all security services active, no persistence mechanisms detected.

Active Protection Systems

Security Fortress v4.0

Continuous malware scanning every 60 seconds

UFW Firewall

IP whitelist enabled, default deny policy

Fail2ban

Auto-bans after 3 failed SSH attempts (24h)

ClamAV Antivirus

Real-time malware detection and removal

Detailed Security Test Results

SSL/TLS Security

TLS 1.3, strong cipher suites, valid certificate

30/30

✓ PASS

Security Headers

HSTS with preload, X-Frame-Options, CSP, X-Content-Type-Options, X-XSS-Protection

35/35

✓ PASS

Information Disclosure

No sensitive information exposed in headers or responses

10/10

✓ PASS

Common Vulnerabilities

SQL injection, XSS, CSRF, clickjacking, directory traversal protection

25/25

✓ PASS

API Security

Authentication required, rate limiting, input validation

15/15

✓ PASS

Cookie Security

Secure, HttpOnly, SameSite attributes properly configured

10/10

✓ PASS

DNS Security

DNSSEC enabled (prevents DNS spoofing), CAA records configured (restricts certificate issuance)

10/10

✓ PASS

Security Features Implemented

HTTPS/TLS 1.3 with strong cipher suites
HSTS with preload (max-age=31536000)
X-Frame-Options: DENY (clickjacking protection)
X-Content-Type-Options: nosniff
Content-Security-Policy configured
X-XSS-Protection: 1; mode=block
Secure and HttpOnly cookies
API authentication and rate limiting
DNSSEC enabled (DNS spoofing protection)
CAA records (certificate issuance control)

Audit Frequency: Continuous monitoring (every minute) + Full audits on-demand

Data Encryption

  • In Transit: All data transmitted between your browser and our servers is encrypted using TLS 1.3
  • At Rest: All stored data is encrypted using AES-256 encryption
  • Database: Database encryption with automatic key rotation
  • Backups: All backups are encrypted and stored securely

Infrastructure Security

  • Hosted on Hetzner Online GmbH (Nuremberg, Germany) - ISO 27001:2022 certified, GDPR compliant
  • All data stored exclusively in German data centers (EU jurisdiction)
  • DDoS protection and WAF (Web Application Firewall)
  • Regular security patches and updates
  • Network isolation and segmentation
  • Intrusion detection and prevention systems
  • 24/7 security monitoring and alerting

Access Control

  • Multi-factor authentication (MFA) required for all accounts
  • Role-based access control (RBAC)
  • Principle of least privilege
  • Regular access reviews and audits
  • Secure password policies (minimum 12 characters, complexity requirements)

Compliance Standards

  • GDPR: Full compliance with EU data protection regulations
  • CCPA: California Consumer Privacy Act compliance
  • HIPAA: Healthcare data protection compliance
  • SOC 2 Type II: Compliant with security and availability standards
  • ISO 27001: Information security management standards compliance
  • FDA 21 CFR Part 11: Electronic records compliance for healthcare AI
  • EU AI Act: Compliance with EU artificial intelligence regulations
  • EU Data Act: 95% compliant with EU Data Act (Regulation 2023/2854) - data portability, interoperability, and switching provider rights

Security Testing

  • Regular penetration testing by third-party security firms
  • Automated vulnerability scanning
  • Code security reviews and static analysis
  • Bug bounty program for responsible disclosure
  • Annual security audits

Incident Response

We have a comprehensive incident response plan:

  • 24/7 security operations center (SOC)
  • Defined incident response procedures
  • Customer notification within 72 hours of any data breach
  • Regular incident response drills
  • Post-incident analysis and improvements

Data Backup & Recovery

  • Automated daily backups
  • Geo-redundant backup storage
  • Regular backup testing and restoration drills
  • 99.9% uptime SLA
  • Disaster recovery plan with RTO < 4 hours

Employee Security

  • Background checks for all employees
  • Regular security awareness training
  • Confidentiality and NDA agreements
  • Secure development lifecycle (SDLC) practices
  • Code review requirements

Report a Security Issue

If you discover a security vulnerability, please report it responsibly:

BrainPredict OÜ

Registry Code: 17352111

Address: Harju maakond, Tallinn, Kesklinna linnaosa, Jõe tn 3-314, 10151, Estonia

Phone: +372 6630414

Email: support@brainpredict.ai

PGP Key: Available upon request

Response Time: Within 24 hours