SIG‑Lite Security Summary
A concise overview of Sapphire Legal AI's security posture for vendor due diligence.
What's Inside
A comprehensive overview of our security controls and compliance posture.
Hosting & Deployment
On‑prem or private cloud; customer‑controlled data residency.
Data Protection
AES‑256 at rest; TLS 1.2+ in transit; customer‑managed keys (KMS/HSM) supported.
Identity & Access
SSO (SAML/OIDC), MFA, RBAC, SCIM provisioning.
Logging & Monitoring
Comprehensive audit logs; SIEM export; configurable alerts.
Secure SDLC
SAST/DAST, dependency scanning, signed builds, vulnerability management.
Compliance & Standards
SOC 2 Type II & ISO 27001 on roadmap; HIPAA alignment; GDPR/CCPA principles.
When to Use SIG-Lite
Intended for procurement and security teams who need a concise first pass. For a deeper review, use the Security Whitepaper or book a security review.
Need a deeper review?
Get a comprehensive security review with our team or explore our detailed security documentation.