01Platform 02How it works 03Security 04Pricing 05Book a demo
SECURITY · 03

Serious about money. Serious about security.

Security isn't a page in a sales deck — it's how the platform is built. Authorization is a matrix, sessions fail closed, and every action an operator takes, human or AI, is bounded and audited.

Fail-closed sessions

OIDC + MFA on every login. Masquerade and staff access are default-deny, time-boxed, and fully audited.

authz-matrix 18/18

Hardened edge

HSTS, CSP, and strict headers baked into one Caddy image — two edge modes, one artifact, no drift.

17/17 posture

Per-FI isolation

Every institution gets its own data boundary and its own keys — no shared tenancy, no cross-FI blast radius.

isolated by default

AI is never an oracle

AI operators can diagnose and remediate infrastructure — they can never move money. Every action is bounded and reversible.

bounded · audited

Proof, on by default

OpenTelemetry, synthetic journeys, and per-FI dashboards ship with the platform, so posture is observable, not asserted.

observability built-in

Reversible by design

Every change is a pull request and every deploy is one image — so git revert is a first-class incident response.

one image · git revert
Posture, measured

Numbers you can point at.

0
authorization-matrix checks enforced in code
0
edge-hardening checks passing on every build
0
of operator actions audited — human and AI
0
shared-tenancy surfaces — every FI isolated
● Security review

Bring your hardest questions.

Walk through the authorization model, the edge posture, and the AI action boundaries with the people who built them.

viridian · platform-health region us-east-1 p99 42ms ai-ops autopilot 3 FIs live --:--:-- UTC scroll 0%