Enterprise-grade security
RevCPQ is built with security at its core. Your data is protected by industry-leading practices and controls.
Security Features
Multiple layers of protection to keep your data safe.
Encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Database backups are also encrypted.
Authentication
SSO via SAML 2.0 and OAuth 2.0. Support for MFA, password policies, and session management.
Access Control
Role-based access control (RBAC) with granular permissions. Audit logs for all access and changes.
Infrastructure
Hosted on AWS with SOC 2 certified data centers. Redundant systems with 99.9% uptime SLA.
Monitoring
24/7 security monitoring with automated threat detection. Real-time alerting and incident response.
Backups
Automated daily backups with point-in-time recovery. 30-day retention with geographic redundancy.
Compliance & Certifications
We maintain rigorous compliance standards and undergo regular third-party audits to ensure we meet the highest security requirements.
SOC 2 Type II
CertifiedAudited annually by independent third party
GDPR
CompliantCompliant with EU data protection regulations
CCPA
CompliantCompliant with California privacy laws
ISO 27001
In ProgressInformation security management certification
Request Security Documentation
Enterprise customers can request access to our security documentation, including:
- SOC 2 Type II Report
- Penetration Test Summary
- Security Questionnaire
- Data Processing Agreement
Our Security Practices
Security is not just about technology—it's about process, people, and culture.
Responsible Disclosure
We take security vulnerabilities seriously. If you believe you've found a security issue in RevCPQ, please report it to us privately so we can address it promptly.
Report a VulnerabilityQuestions about our security?
Our security team is happy to discuss our practices and address any concerns.
Contact Security Team