VESSOUL
Technology
VESSOUL // SECURITY CONTROLS

Zero trust. Verified at every hop.

No request is trusted by network position. Identity is proven, authorization is recomputed, sensitive resources require step-up, and every decision is auditable.

Authentication

  • MFA required for all users
  • Passwordless / WebAuthn support
  • Session rotation on privilege change
  • Device fingerprinting
  • Continuous risk scoring

Authorization order

  1. 01Session validation
  2. 02Role validation
  3. 03Permission validation
  4. 04Step-up authorization
  5. 05Resource ownership check
  6. 06Audit logging

Baseline controls

Encryption at rest
AES-256
Encryption in transit
TLS 1.3
Password hashing
Argon2id
Secrets management
Vault
WAF
Enabled
DDoS protection
Enabled
CSP headers
Strict
HSTS
Enabled (preloaded)

Sensitive resource protection

Patent material, investor data, and the document vault carry stricter controls beyond the platform baseline.

Patent Center

  • Explicit permission token
  • Reauthentication required
  • Watermarked downloads
  • Export monitoring
  • Document fingerprinting

Investor Data Room

  • Read-only sessions
  • Download restrictions
  • Expiring share links
  • Activity tracking
  • NDA acknowledgment workflow

Document Vault

  • Immutable audit logs
  • Version history
  • Digital signatures
  • File integrity hashes
  • Legal-hold support

Intellectual property protection

Because the platform carries proprietary IP and patent material, these controls are non-negotiable.

  • Document watermarking
  • Download monitoring
  • AI prompt logging
  • Content fingerprinting
  • Insider threat detection
  • Encryption of all patent artifacts
  • Fine-grained access policies
  • Immutable audit trail
  • Export controls
  • Signed confidentiality agreements
← PREVIOUS
Data Architecture
NEXT →
Implementation Standards