Security
Last updated 10 June 2026
Your cap table is sensitive — ownership, identities, and financial details. We treat it that way. This page summarizes how we protect it; we’re also building toward a formal SOC 2 examination.
Encryption
All traffic is served over TLS with HSTS. The most sensitive fields — tax identifiers (SSN/EIN) and bank-account numbers — are encrypted at the field level with authenticated AES-256-GCM before they ever reach the database, on top of the provider’s encryption at rest. Passwords are hashed with Argon2id and never stored in the clear.
Access control & isolation
Access to a company’s data is scoped to that company’s workspace and to your role within it — enforced on every request, so one workspace can never see another’s data. The most sensitive data (like decrypted tax IDs in an export) is restricted to workspace admins. Export is always available and never paywalled.
Integrity & audit trail
Changes to your cap table are recorded in an append-only, tamper-evident ledger — each entry is cryptographically chained to the one before it. A nightly integrity job rebuilds your cap table from scratch and verifies it matches, so silent corruption or tampering is detectable.
Secure development
Every change is peer-reviewed and must pass automated security checks before it ships: static analysis, secret scanning, dependency auditing, and custom rules that enforce our authentication and access-control boundaries. Dependencies are kept current automatically.
Your data, your choice
We never sell your data, and we never email your stakeholders without your explicit, per-message authorization. Our data schema is open and published, so you’re never locked in.
Reporting a vulnerability
Found a security issue? We’d genuinely like to hear from you. Email security@tenacap.com (see our security.txt). We welcome good-faith reports and won’t pursue researchers who act responsibly — please avoid privacy violations, data destruction, and service degradation while testing.