Skip to main content

Data privacy and compliance

Tensai ensures transparency of key aspects such as data privacy and security. The platform adheres to the safeguarding standards of regulatory compliances such as NIST 800-171 and GDPR to prevent any data privacy issues for our clients. Tensai maintains an Audit Log and Terms of Service disclaimer for all tenants.

Audit Logs

  • Navigate to this section from User Management -> Audit Logs.
  • This section contains comprehensive details on all actions performed within the platform.

Terms Of Service

  • Navigate to this section from Organization Details -> ToS Manager.
  • Configured Terms of Service and its respective acceptance can be viewed here.

Security Assessment Highlights

Tensai maintains the highest security standards by identifying and resolving all security vulnerabilities. As part of our comprehensive security assessment, we have summarized the key highlights below:

Assessment Methodology

The assessment was conducted in several phases:

  • Phase 1 - Information Gathering: Collection of publicly available information about Tensai, including network infrastructure and security systems.
  • Phase 2 - Vulnerability Identification & Prioritization: Identification of vulnerabilities using automated scanning tools and manual inspection, including OWASP Top 10 vulnerabilities.
  • Phases 3 to 5 - Research, Exploitation, and Post-Exploitation: Research and development of attack approaches, exploitation of vulnerabilities using real-world hacker tools, and exploration of further opportunities for system access.
  • Phase 6 - Risk Analysis and Reporting: Detailed documentation of assessment results, risk ratings, and remediation recommendations, catering to both executive-level and technical readers.

Types of Tests

The assessment utilized a Grey-Box approach, engaging the target with limited knowledge of its defenses and assets and full knowledge of channels. This approach balanced efficiency with thoroughness, relying on the quality of information provided and the assessor's knowledge.

Tools Used

The security testing suite included Acunetix, BurpSuite, Nessus, Nikto, and Nmap. This powerful suite allowed for a comprehensive assessment, combining automated scanning with deep manual analysis to ensure a robust evaluation of Tensai's security.

SOC2 Compliance

The security assessment included a detailed mapping to SOC2 controls, showcasing Tensai's commitment to maintaining high standards of security and trust in all operations.

Current Status and Recommendations

Current Status: As of the latest assessment, Tensai has addressed all known security vulnerabilities, ensuring a robust and secure platform for our users. Recommendations: We encourage customers to stay updated with our security practices and reach out for the most recent security assessment report for detailed insights.

Continuous Security Assurance

Tensai conducts security assessments every six months, particularly after major deployments, to continuously strengthen our security posture. Customers can request these reports as needed for reassurance and transparency.

Important Notes:
  • All users have to read & accept the Terms Of Service before gaining access to the platform.
  • New versions of Terms of Service can only be added by a Tenant Admin.
  • If users have questions or require further clarification on any legal or compliance matters, they can reach out to a Tenant Admin for guidance.