VaultSEC
1 (650) 555-0218
Request demo
TLP:GREEN · DISTRIBUTABLEvault security · ops console v8.4
OPS / 01 · contact · the inbox mapRead-only
Contact · sales · support · security

Three desks. Three named humans.

Email goes to a person. Same-day during US business hours on Sales and Support; 24-hour SLA on Security disclosures. The team is small enough that you'll talk to the human whose name is on the inbox.

OPS / 02 · people · the directoryRead-only
DESK-01 · Sales · enterprise

Quotes, RFPs, multi-org rollouts.

Reach out for tier scoping, RFP responses, BAA / DPA, FedRAMP-scoped engagements, or to schedule a customer reference call. Same-day response during US business hours.

Lena Park
Head of revenue
sales@vault.io
(800) 555-0142
DESK-02 · Support · existing customers

Production issues. Customer success.

Existing customers get 24/7 platform on-call on Detection + Response and Org tiers. Posture tier gets business-hours support. In-app chat is fastest; phone for severity-1 incidents.

Marcus Trent
Head of support
support@vault.io
(800) 555-0143
DESK-03 · Security · disclosures

Vulnerability disclosures + bug-bounty.

Responsible disclosure inbox. We pay bug-bounties under our HackerOne program; severity-1 disclosures acknowledged within 24 hours. PGP key + .well-known/security.txt at the standard locations.

Sasha Park
Head of platform security
security@vault.io
PGP key on website
OPS / 03 · locations · primary officesRead-only
San Francisco
HQ · engineering, product, security
311 California St, 12th Fl · San Francisco, CA 94104
Washington, DC
Federal · public sector
1750 Pennsylvania Ave NW · Washington, DC 20006
London
EMEA · regulated industries
100 Bishopsgate, 35th Fl · London EC2N 4AG
OPS / 04 · legal · plain-language summaryRead-only
Privacy

What we collect, what we don't.

Account, billing, and platform telemetry necessary to operate the service. Customer events processed in your tenant; encrypted at rest with customer-managed keys on Org. We do not train any AI model on customer events; we do not sell or share data with third parties. Full text at /docs/legal/privacy.

Terms

Standard MSA, with a few preferences.

Standard SaaS terms with: 60-day cancellation notice on annual contracts (no auto-renewal silence), data export survives termination, no liability cap below 12 months of fees. Redlines accepted on Detection + Response and Org tiers through your standard procurement workflow.

SOC 2

Type II report under MNDA.

Annual audit by A-LIGN, current to 2026-04-01. Send your standard MNDA from your procurement workflow; we counter-sign and send the report inside one business day. Bridge letters available between annual audits.

ISO

ISO 27001:2022 certification.

Certified by Schellman in Q4 2024, re-certification scheduled Q4 2027. Certification letter and statement of applicability available under MNDA. Includes 27017 (cloud) and 27018 (PII protection in cloud) extensions.

FedRAMP

Moderate baseline · authorized.

FedRAMP Moderate ATO achieved 2025 with sponsoring agency confidential under MNDA. SSP available under FedRAMP Marketplace listing. CMMC Level 2 alignment in progress.

OPS / 05 · system statusAll clear
All systems operational
status.vault.io · current 99.99% (90-day rolling) · last incident 24d ago
SearchPodBackGet free proposalBook demo
Get Free ProposalCall