Trust Center

Public trust signals for an early governance vendor.

Faultline is designed for teams that expect scrutiny. This page collects the public security, legal, procurement, and status materials available before a formal enterprise review.

Current posture

No source upload required by default.

Public materials are intentionally conservative: no invented certifications, customer logos, or incident-prevention claims.

Procurement signals

What a reviewer can inspect now.

Security posture

Metadata-only ingestion by default, OIDC/RBAC, PostgreSQL RLS, rate limits, encrypted integration secrets, and signed evidence exports.

Certification status

No formal certification is claimed on this site. SOC 2 Type II is planned and will be updated here when in progress.

DPA readiness

A procurement overview is public. Enterprise DPA review is available for teams moving from pilot to paid contract.

Customer proof

Public logos and case studies are not claimed until customer references are approved.

Data boundary

The scanner runs where code already lives. Enterprise ingests metadata-only snapshots by default, not source code.

Security contact

Security review requests and vulnerability reports can be sent to security@gofaultline.dev.

Trust links

Review the public packet.

Security controls Privacy policy Terms of service DPA readiness Status notes Sample evidence pack