Compliance

Security & Compliance

Last updated: 2026-02-21

PortWarden is operated by PortWarden, Inc. (a Wyoming corporation). This page describes our security posture and how the Service can support common compliance requirements. This is not legal advice and not a compliance attestation.

---

1) Built for authorized monitoring

• Ownership verification and authorization requirements help prevent abuse.
• Audit-friendly reports provide evidence and timelines (what changed, when).

2) Privacy-first by design

We aim to minimize collection, avoid unnecessary tracking, and keep customer data under customer control. See our Privacy Policy and Data Retention Policy.

3) Security controls (high level)

• Access control: least privilege and role separation where appropriate.
• Encryption: encryption in transit and appropriate encryption at rest.
• Monitoring: logging and alerting for reliability and abuse prevention.
• Change management: controlled deployments and configuration management.
• Incident response: processes for triage, containment, and customer communication.

4) Framework alignment (examples)

Customers commonly map PortWarden outputs into controls for frameworks such as SOC 2, ISO 27001, HIPAA, PCI DSS, and similar programs. Your obligations depend on your business and environment.

5) Responsible claims

We will not claim certifications we don’t have. If you need a formal attestation, we can discuss roadmap and third‑party validation options.