Security posture

Security controls written for an alerting platform — and only those

WardenPoint protects alert routing, recipient data and delivery history with concrete controls we can describe in plain English: TLS in transit, scoped API keys, audit-aware retention and per-company isolation. No marketing badges we cannot back.

Start free Talk to security

Transport: TLS 1.2+
Public IDs: UUID
Audit window: 90d

What we do

TLS 1.2+ at every public endpoint
Scoped API keys, instant revoke
UUIDs in every public URL and payload
Per-company scope on every query
Structured audit log of dispatches

What we don't claim

No formal ISO 27001 / SOC 2 certification
No HIPAA / PCI / FedRAMP claims
No end-to-end channel encryption guarantee
No indefinite voice-call recording retention

Four pillars

Concrete controls, grouped by what they protect

Four buckets cover the security surface for an alerting workflow. Each lists the actual control we have wired in code, not a generic best-practice promise.

01 · Transport

Data in transit

Every byte that leaves your monitoring tool or our dashboard travels over TLS. Public HTTP redirects to HTTPS at the edge.

TLS 1.2+ enforced at the public edge
HTTPS-only canonical URLs in sitemap and metadata
Signed webhook payloads when the source supports it
Channel providers terminate their own TLS (Telegram, SMS gateways, mail relays)

02 · Identity

Authentication & identifiers

Two distinct identity layers — API keys for machine traffic, session auth for humans — and never an integer ID in a public URL.

Per-integration API keys, revocable from the dashboard
X-API-Key header authentication for /api/v1/ endpoints
Sanctum-backed session auth for the dashboard with CSRF protection
UUID-only public identifiers via the HasUuid trait — internal IDs never leave the backend

03 · Retention

Logs & delivery history

Delivery records and audit events are kept long enough for incident review and short enough that nothing lingers unread.

Notification delivery timeline kept for incident review
Structured JSON audit log with actor, channel, status and request id
Log rotation on the host with size + age limits
Voice-call recordings retained only when explicitly configured, with rotation

04 · Tenancy

Multi-tenant isolation

Every request resolves a Company at the middleware layer. There is no shared dataset between tenants — and we test for cross-tenant leakage.

SetCurrentCompany middleware on every authenticated route
current_company() / current_company_id() helpers used by services
Model scopes prevent cross-tenant queries by default
Integration test suite asserts isolation on dashboard + API endpoints

Audit trail

Every dispatch leaves a structured record

When WardenPoint sends a notification or runs an escalation step, it writes a single audit line. The shape is stable, machine-readable and includes enough to investigate without exposing recipient content.

eventLifecycle marker — dispatched, acknowledged, escalated, failed.
company_uuidTenant scope — present on every line for safe filtering.
notification_uuidStable lifecycle identifier across all steps of one alert.
actorWhich API key or user triggered the event.
ipSource IP for machine traffic — captured at the edge.
request_idCorrelates audit lines with application logs.

audit_log.jsonlROW

{

"event": "notification.dispatched",

"company_uuid": "00000000-0000-4000-8000-000000000001",

"notification_uuid": "notif_8h2k7yQrxJp",

"channel": "telegram_voice",

"recipient_uuid": "00000000-0000-4000-8000-000000000017",

"actor": "api_key:wp_live_8h2k…",

"ip": "203.0.113.42",

"status": "queued",

"request_id": "req_4j2k9bMcvL",

"at": "2026-05-17T13:42:18Z"

}

Honest boundaries

Things we do not claim

Claiming a certification or feature we do not actually run would help nobody. These are the boundaries we explicitly leave outside the security posture today.

Formal certifications
We hold no ISO 27001, SOC 2 Type II, HIPAA, PCI-DSS or FedRAMP certification. If you need to procure under one of those frameworks, please contact us before assuming coverage.
End-to-end channel encryption
Messages travel over TLS to each channel provider, but we cannot guarantee end-to-end encryption between sender and recipient — that depends on the channel (Telegram, SMS carrier, mail relay).
Indefinite recordings
We do not store voice-call recordings forever. Retention is bounded and configurable. If you need long-term retention, run your own archive against the audit log.
Cross-tenant analytics
We do not aggregate or sell traffic data across tenants for marketing or model training. Per-company scope is enforced at the middleware layer.

Your half of the contract

How you keep this secure on your side

Most alerting incidents come from the customer half of the boundary — leaked keys, stale recipients, unclear consent. A few habits keep the surface small.

Rotate API keys with team changes

Issue a new key whenever someone with access leaves the team. Old keys revoke instantly from the dashboard.

Store keys in environment variables

Never commit keys to git. Use environment variables, a secret manager, or the deployment platform's secret store.

Keep recipient consent explicit

WardenPoint dispatches to the contact information you submit. Confirm that each recipient has opted in to voice or SMS contact for the categories you send.

Watch the audit log on integrations

If you wire WardenPoint into a new monitoring tool, run a test alert and read the audit log entry. The actor, channel and status fields catch most setup mistakes.

Security questions

What teams ask before procuring

Do you have SOC 2 or ISO 27001 certification?: Not at this time. We choose to describe the controls we run rather than claim a framework we have not been audited against. If your procurement process requires a certified vendor, please contact us before integrating.
Is data encrypted at rest?
Can a tenant see another tenant's data?
How long do you keep voice-call recordings?
Who can revoke an API key?
Do you process EU personal data?

Trial in 5 minutes

Run a security-aware integration test before rollout

Start on the free plan, create an API key, send a sample alert and read the audit log entry. No credit card. No data shared outside delivery.