Security Overview
Pygentech designs institutional intelligence systems with security, privacy, and operational resilience as foundational requirements. We apply layered controls across identity, data, and operations.
Last updated: March 2026
1. Identity and Access Control
Pygentech applies access controls designed for institutional operating environments.
- Role-based access control (RBAC) to restrict access by user role and responsibility
- Secure authentication mechanisms and session controls
- Least-privilege access principles for administrative functions
- Separation of tenant access to prevent cross-organization data exposure
2. Tenant Data Isolation
Client environments are logically isolated to prevent data access across organizations.
- Strict separation of tenant configuration and data
- Controlled access boundaries enforced at the application and database levels
- Tenant-scoped APIs to ensure requests can only access authorized resources
3. Data Protection and Encryption
Pygentech protects data both in transit and at rest using industry-standard approaches.
- TLS/HTTPS encryption for data transmitted between clients and systems
- Secure handling of credentials and integration keys
- Controlled retention policies aligned to institutional requirements
4. Application and API Security
Sentradar APIs are designed with controls to reduce misuse and unauthorized access.
- Authentication required for protected endpoints
- Input validation and request integrity controls
- Rate limiting and abuse prevention measures
- Audit logging for critical events and access patterns
- Tenant-scoped authorization checks on all API operations
5. Brute-Force and Abuse Prevention
Pygentech applies protective controls to reduce credential abuse and automated attacks.
- Login throttling and request rate limiting
- Monitoring for repeated failed authentication attempts
- Automated blocking mechanisms for suspicious traffic patterns where applicable
- Security logging to support investigation and response
6. Operational Monitoring & Response
Systems are monitored to ensure availability, reliability, and rapid response to anomalies.
- Service health monitoring and availability checks
- Alerting for abnormal traffic, error rates, and system anomalies
- Incident handling processes to investigate and mitigate operational disruptions
- Controlled access to production environments
7. Secure Development Practices
Pygentech applies disciplined engineering practices designed to reduce risk.
- Environment separation (development vs production)
- Secure secrets management practices
- Dependency and update discipline to reduce exposure to known vulnerabilities
- Change control practices aligned to reliability requirements
8. Compliance & Governance Readiness
Pygentech supports institutional expectations around accountability and auditability.
- Audit-ready reporting outputs and activity logging
- Data handling practices aligned to privacy and institutional governance
- On-request security documentation for institutional evaluation
9. Shared Responsibility Model
Security is a shared responsibility between Pygentech and the deploying institution.
Pygentech Responsibilities
- Platform security controls, isolation, and monitoring
- Operational safeguards and technical technical measures
- Secure delivery mechanisms for intelligence outputs
Client Responsibilities
- Secure management of user accounts and internal access
- Internal governance for intelligence output use
- Secure handling of exported reports once delivered
10. Security Contact
To report a suspected security issue or vulnerability, contact our security desk for prioritized review.
security@pygentech.co.zw →