Security Overview
Cyber Horizon Intelligence Ltd
Last Updated: 11 July 2026
This overview summarises how we protect the confidentiality, integrity, and availability of the data entrusted to us. It is a high-level summary for prospective and current customers; our detailed internal security policies and documentation are available to customers and prospects under NDA on request. We continuously mature our security programme; where a control is being established rather than fully operational, we say so.
Data Protection
- Encryption of data in transit (TLS) and at rest (AES-256), provided by our managed infrastructure.
- Encrypted, managed backups with point-in-time recovery.
- Logical tenant isolation — each customer organisation’s data is separated and scoped by a unique organisation identifier.
Access Control
- Multi-factor authentication (MFA) and single sign-on (SSO) via SAML/OIDC.
- Role-based access control (RBAC) on a least-privilege basis.
- Access reviews and prompt revocation on role change or offboarding.
Hosting & Data Residency
Cyber Horizon is a cloud-native platform hosted on established providers — the application on Vercel and our primary data store on Supabase (AWS), located in the European Union by default. We inherit the physical, network, and platform security controls of these providers. Regional data-residency options are available on eligible plans.
Application & Operational Security
- Secure development practices, peer code review, and separated development, staging, and production environments.
- Dependency and vulnerability scanning in our build pipeline; timely patching.
- Automated application and error monitoring with alerting.
- A documented incident-response process covering identification, containment, eradication, recovery, and post-incident review.
Compliance
- UK GDPR and EU GDPR compliance for personal data, backed by our Data Processing Agreement.
- ISO 27001 — controls aligned, certification targeted Q3 2027 (not yet certified).
- A limited set of vetted sub-processors, each bound by appropriate data-protection obligations.
Reporting & More Information
To report a suspected vulnerability, see our Vulnerability Disclosure Policy. For our security posture and to request detailed documentation, visit the Trust Center or contact security@cyberhorizon.co.