Security and compliance, by default.
Opal is the operating layer for AI inside regulated enterprises. Security, privacy, and governance are not features — they are how the platform is built.
Annually audited controls covering security, availability, and confidentiality.
Information security management system certified to ISO/IEC 27001.
DPA, SCCs, and data subject rights workflows for EU and California residents.
TLS 1.2+ in transit, AES-256 at rest, customer-managed keys on Enterprise.
SAML SSO, SCIM provisioning, fine-grained RBAC, and audit logging.
Multi-region architecture with 99.9% uptime SLA on Enterprise plans.
Pen tests, SOC 2 reports, DPAs, and the subprocessor list.
Security questionnaires, third-party audit reports, our Data Processing Addendum, and our current subprocessor list are available to customers and prospects under NDA.
We welcome reports from security researchers. Please send details, reproduction steps, and your contact info to security@deployopal.com. We will acknowledge within two business days.