Skip to main content
At mixus, security is a top priority. We implement layered controls to protect your data and ensure the integrity of our platform.

Data Protection

  • Transport encryption (TLS) for all application traffic
  • Encryption at rest for all databases
  • Optional end‑to‑end encryption available for enterprise (not enabled by default)
  • Centralized secrets management with automated key rotation

Access Control

  • Role‑based access control (RBAC)
  • Multi‑factor authentication supported (not enforced by default). Organization‑wide enforcement available by request (configured by the mixus team).
  • Single Sign‑On (SSO) available for enterprise. Enabled by request (configured by the mixus team).
  • Centralized logging and expanding audit event coverage

Infrastructure Security

  • Secure cloud infrastructure with regular security patches
  • Restricted database access via IP allowlists; private connectivity options available for enterprise
  • Database auditing and access tracking capabilities
  • Regular security updates and automated monitoring

Data Security

  • Encryption at rest for stored data
  • Role‑based access control for database collections
  • Application‑level field encryption for sensitive secrets (e.g., API keys)
  • Secure and isolated data storage by organization

Compliance and Certifications

We are committed to maintaining the highest standards of security and compliance:
  • SOC 2 Type I: On track to complete in August 2025
  • SOC 2 Type II: In audit; target October 2025
  • ISO 27001: In audit; target October 2025
  • GDPR: Program in progress; data rights (export/delete) supported
  • Independent penetration test completed June 2025 (passed)
  • No security breaches to disclose to date

Security Best Practices

While we implement robust security measures, we recommend following these best practices:
  • Use strong, unique passwords for your mixus account
  • Enable two-factor authentication when available
  • Regularly review your account activity
  • Be cautious about the information you share in public chats
  • Report any suspicious activity to our security team

AI Data Usage

We never use your data to train the underlying AI models. Provider settings are configured to prevent training on customer content.

Have Security Questions?

If you have any questions about our security practices or want to report a security concern, please contact our security team at security@mixus.ai. Explore more details:
  • Data Protection & Encryption → /docs-external/security/data-protection
  • Privacy & Data Rights → /docs-external/security/privacy
  • Compliance Status → /docs-external/security/compliance
  • AI Data Usage → /docs-external/security/ai-data-usage
  • Logging & Auditing → /docs-external/security/logging-auditing
  • Incident Response → /docs-external/security/incident-response
I