Built for teams whose auditors read the footnotes
Ixiea is privileged access infrastructure. Security is not a feature page. It is the product. This is how we build, operate, and disclose.
Security practices
Gateway-first recording
Session evidence is captured at the broker, not on targets operators control. Recordings, keystrokes, and file transfers are bound to a named identity and policy version at decision time.
Encryption in transit and at rest
All operator and connector traffic is TLS-terminated at the gateway. Session artifacts and audit logs are encrypted at rest with customer-managed or platform-managed keys depending on deployment model.
Least-privilege operations
Ixiea support access into customer tenants is opt-in, time-bound, and session-recorded, using Ixiea itself. Standing support credentials do not exist.
Secure development lifecycle
Dependency scanning, signed container images, and segregated build pipelines for control plane and connector components. Security advisories ship with CVE detail and upgrade paths.
For procurement
Trust artifacts your security team will ask for
We are early-stage, formal trust artifacts are on our roadmap. Contact us for an honest security overview and what we can share today.
- Penetration test summaryOn roadmap
- SOC 2 Type II reportOn roadmap
- Data processing addendumAt contract, when available
- Subprocessor listSee trust center
- security.txtPlanned
Report a vulnerability
If you believe you have found a security issue in Ixiea, report it to security@ixiea.com. We acknowledge within one business day and coordinate disclosure on a timeline that protects customers. Full policy details are in our security disclosure documentation.
Enterprise evaluation?
Talk through security posture with the team
We will share our current practices, subprocessors, and roadmap for SOC 2 and formal trust artifacts.