Trust Center
Security evidence buyers can review without a founder on the call.
Tenant isolation, RLS proof, backup readiness, audit logging, sub-processors, AI data handling, and incident response in one honest buyer-facing package.
Controls
What IT, finance, and operations teams usually ask first.
Data residency
Southeast Asia deployment design with hosting region confirmed per customer environment and integration set.
Tenant isolation
Application tenant filters are backed by PostgreSQL row-level security evidence for tenant-scoped tables.
RLS proof
RLS coverage matrix, app-role checks, and runtime cross-tenant isolation tests are part of the Postgres parity gate.
Backups and restore
Restore drill runbooks define the evidence expected from each drill: Alembic migration parity, a tenant isolation smoke test, and measured RPO and RTO.
Audit logging
Security-sensitive and business-critical actions are recorded as tenant-scoped audit events in the code paths where audit hooks are wired.
AI data handling
AI is positioned as tenant-scoped, minimum-context, advisory assistance with human confirmation.
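The tenant isolation and RLS proof controls above rest on PostgreSQL row-level security backing the application's tenant filters, with a runtime cross-tenant check as the recorded evidence. The following is an added illustration of that pattern, not TwentyCore's own schema or parity test; the table, role and setting names (invoices, app_user, app.tenant_id) are assumptions, and it is meant to be run as a superuser in psql.

```sql
-- Added illustration, not TwentyCore's schema or test code. Table, role and
-- setting names (invoices, app_user, app.tenant_id) are assumptions.
CREATE TABLE invoices (
    id        bigserial PRIMARY KEY,
    tenant_id uuid NOT NULL,
    amount    numeric(12, 2) NOT NULL
);
-- The application role must not be able to bypass RLS, or the policy is moot.
CREATE ROLE app_user LOGIN NOBYPASSRLS;
GRANT SELECT, INSERT, UPDATE, DELETE ON invoices TO app_user;
GRANT USAGE ON SEQUENCE invoices_id_seq TO app_user;

-- FORCE applies the policy even to the table owner.
ALTER TABLE invoices ENABLE ROW LEVEL SECURITY;
ALTER TABLE invoices FORCE ROW LEVEL SECURITY;

-- Tenant context is a session setting the app sets after authentication.
-- current_setting(..., TRUE) returns NULL when unset, and NULLIF maps '' to
-- NULL, so a missing context matches no rows instead of failing open.
CREATE POLICY tenant_isolation ON invoices
    FOR ALL TO app_user
    USING      (tenant_id = NULLIF(current_setting('app.tenant_id', TRUE), '')::uuid)
    WITH CHECK (tenant_id = NULLIF(current_setting('app.tenant_id', TRUE), '')::uuid);

-- Runtime cross-tenant isolation check, the kind of evidence a parity gate
-- records. Each ASSERT raises if isolation is broken.
SET ROLE app_user;
DO $$
DECLARE
    t1 constant uuid := '11111111-1111-1111-1111-111111111111';  -- constructed
    t2 constant uuid := '22222222-2222-2222-2222-222222222222';  -- constructed
    n int;
BEGIN
    PERFORM set_config('app.tenant_id', t1::text, FALSE);
    INSERT INTO invoices (tenant_id, amount) VALUES (t1, 100.00);
    -- Switching tenant context must hide tenant 1's row entirely.
    PERFORM set_config('app.tenant_id', t2::text, FALSE);
    SELECT count(*) INTO n FROM invoices;
    ASSERT n = 0, 'tenant 2 can read tenant 1 rows';
    -- Writing a row for another tenant must be rejected by WITH CHECK.
    BEGIN
        INSERT INTO invoices (tenant_id, amount) VALUES (t1, 5.00);
        RAISE EXCEPTION 'tenant 2 could write a tenant 1 row';
    EXCEPTION WHEN insufficient_privilege THEN
        NULL;  -- RLS rejected the cross-tenant write, as required
    END;
    -- No tenant context at all must also return nothing (fail closed).
    PERFORM set_config('app.tenant_id', '', FALSE);
    SELECT count(*) INTO n FROM invoices;
    ASSERT n = 0, 'rows visible with no tenant context';
END $$;
RESET ROLE;
```

A coverage matrix like the one linked under Evidence is the list of every tenant-scoped table that has such a policy enabled and forced, checked against the schema so a new table cannot silently ship without one.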
Review documents
Downloadable diligence notes for serious buyers.
These documents make security, backup, AI, incident, and data residency review easier before procurement asks for a formal pack.
Security architecture
Security architecture review note
A buyer-level map of access, application, data, integration, logging, and deployment controls to review before production.
Review status: Operational security draft. Confirm final controls, legal wording, and customer-specific commitments before contract signature.
Backup and restore
Backup and restore policy
Operational backup expectations, restore drill requirements, and evidence buyers should request before go-live.
Review status: Operational resilience draft. Final RPO, RTO, retention, and deletion terms require commercial/legal approval.
AI data handling
AI data handling policy
How AI features should be scoped, reviewed, and governed when connected to tenant-specific ERP data.
Review status: AI governance draft. Provider terms, training-use, retention, and opt-out obligations must be confirmed per deployment.
Incident response
Incident response process
The severity model, containment workflow, customer communication expectations, and post-incident review path.
Review status: Incident process draft. Support SLA, notification commitments, and breach language require contract/legal review.
Subprocessors and residency
Subprocessors and data residency note
Provider categories, data roles, regional assumptions, and what must be confirmed in the final deployment agreement.
Review status: Subprocessor draft. Final provider list, regions, DPAs, and retention terms must be confirmed for each customer environment.
Legal and security review
Legal and security review checklist
A buyer-ready checklist that separates operational evidence from contractual commitments before production use.
Review status: Review checklist. It helps procurement prepare diligence, but it is not legal advice or a signed data processing agreement.
Data processing review
Data processing review note
A structured review of customer data categories, processors, retention, export, deletion, and AI/integration boundaries.
Review status: Procurement draft. Final DPA, subprocessor, region, retention, and deletion language requires customer-specific legal review.
Evidence
Linked to real repository artifacts.
The Trust Center intentionally points to artifacts and tests that can be reviewed during security due diligence. It avoids unsupported certification claims.
- tasks/artifacts/rls_coverage_matrix_2026-05-06.json
- tasks/artifacts/postgres_parity_coverage_inventory_2026-05-06.json
- tasks/artifacts/rls_production_deploy_runbook.md
- backend/tests/postgres_parity/test_security_rls_parity.py
- docs/INCIDENT_RUNBOOKS.md
- docs/BACKUP_RESTORE_GUIDE.md
Sub-processors
Provider categories to confirm before go-live.
Cloud hosting
Application, database, storage, and backups
Email delivery
Transactional notifications and workflow email
Payment processing
Subscription billing metadata and checkout
Observability
Metrics, alerts, and redacted operational logs
AI provider
Optional tenant-scoped prompt context
LHDN MyInvois
Invoice payload submission when customer credentials are configured
Security Review Pack
What a buyer should ask us to prove.
This checklist keeps the sales process grounded. It gives finance, IT, and operations teams a concrete agenda for due diligence instead of relying on broad trust claims.
Identity and access
RBAC, 2FA/TOTP, SSO readiness, user lifecycle, and admin controls
Tenant data boundaries
Application tenant filters, RLS parity gates, and cross-tenant regression tests
Operational recovery
Backup policy, restore-drill expectation, migration evidence, and rollback workflow
Integration risk
Stripe, LHDN, SMTP, object storage, Redis, and webhook configuration boundaries
AI governance
Tenant-scoped context, human confirmation, prompt/data minimization, and audit logging
Commercial handoff
Export policy, cancellation flow, support channel, and implementation responsibilities
Readiness Boundaries
Clear status beats vague enterprise language.
TwentyCore separates what can be reviewed immediately, what must be confirmed during rollout, and what is not claimed today.
Available for review
RLS coverage artifacts, PostgreSQL parity tests, incident and backup runbooks, AI methodology, and security architecture pages.
Confirmed per customer
Data residency, object storage provider, email provider, Stripe/LHDN credentials, SSO setup, and integration-specific scopes.
Not claimed today
SOC 2 certification, ISO 27001 certification, universal LHDN production approval, or customer-specific audit results before validation.
Plain-language limits
What we will not overclaim.
TwentyCore is not SOC 2 certified or ISO 27001 certified today. LHDN production approval depends on customer credentials and authority validation. AI provider behavior must be confirmed per deployment.