Access control
6-level RBAC with organization scoping enforces least-privilege access across every workspace action.
Security
Security controls built into every payout workflow.
Anchrix is designed for operational integrity with role boundaries, policy evidence, immutable audit trails, and encryption at every layer.
Security principles
Core controls that protect every operation in the Anchrix platform.
Decision integrity
Policy snapshots, deterministic evaluation records, and frozen evidence ensure reproducible compliance decisions.
Audit traceability
Append-only event history with DB-trigger enforcement prevents tampering and supports regulator-ready exports.
Data encryption
TLS 1.3 in transit, AES-256 at rest. Secrets are managed through environment-scoped vaults, never stored in code.
Infrastructure controls
Platform-level safeguards that protect data and availability.
Isolated compute
Workloads run in containerized environments with network segmentation.
Encrypted storage
All data at rest is encrypted with AES-256. Backups are encrypted and geo-redundant.
Network security
Firewalled ingress, private subnets, and TLS-only communication between services.
Secret management
Environment-scoped vaults with rotation policies. No secrets in source code or logs.
Monitoring & alerts
Real-time anomaly detection, structured logging, and automated incident escalation.
DDoS protection
Edge-level traffic filtering and rate limiting protect all public endpoints.
Compliance and governance
Built-in controls that support regulatory and operational review.
Organization scoping
Every API request and data query is scoped by organization identifier, preventing cross-tenant data access.
Maker-checker enforcement
Critical operations require dual approval. The same actor cannot both initiate and approve a payout batch.
Immutable audit trail
Database triggers enforce append-only semantics on audit events. No user or API can delete or modify historical records.
Evidence snapshots
Policy evaluation context, routing decisions, and disposition rationale are frozen at decision time for audit replay.
Vulnerability disclosure
Our coordinated process for handling security reports.
1
Report
Send findings to security@anchrix.com with reproduction steps and impact assessment.
2
Acknowledge
We confirm receipt within 2 business days and assign a tracking identifier.
3
Investigate
Our team triages, reproduces, and assesses severity following industry frameworks.
4
Remediate
Fixes are developed, tested, and deployed. Reporter is notified of resolution.
Security disclosure
Found a vulnerability?
We welcome responsible disclosures. Report findings to security@anchrix.com with reproduction steps and impact assessment.