Security

Security built for trust

AtlasHire is designed with a SOC 2-aligned security posture. Tenant isolation, audit trails, encryption, and access controls protect your data at every layer.

SOC 2 Aligned
GDPR Compliant
Encrypted at Rest
TLS 1.3
AWS Infrastructure

Core Security Features

Tenant Isolation

Every database record is keyed by its tenant, and every API request is validated against the caller's tenant context, which an authorizer establishes at the API Gateway level before the request reaches application code.

  • Row-level tenant isolation
  • API Gateway authorizer enforcement
  • Cross-tenant access prevention
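As an added example (not AtlasHire's own code), the following Python sketch shows the pattern the paragraph describes: a Lambda authorizer derives the tenant from verified token claims and passes it to the backend as trusted request context, and the backend builds the DynamoDB partition key from that context alone, so a candidate id belonging to another tenant is simply absent from the caller's key space. The claims dict, the in-memory table and the `TENANT#`/`CANDIDATE#` key layout are assumptions; token verification itself is stubbed out.

```python
"""Tenant isolation: the tenant id comes only from the authorizer, never from the request.

Added example (not AtlasHire's code). The claims dict stands in for a verified JWT;
TABLE is a constructed in-memory stand-in for a DynamoDB table keyed (pk, sk).
"""
from dataclasses import dataclass
from typing import Optional

# Constructed sample data: candidate c-100 exists only in tenant acme, c-200 only in globex.
TABLE = {
    ("TENANT#acme", "CANDIDATE#c-100"): {"name": "Ada", "email": "ada@example.com"},
    ("TENANT#globex", "CANDIDATE#c-200"): {"name": "Bob", "email": "bob@example.com"},
}


@dataclass(frozen=True)
class TenantContext:
    tenant_id: str
    user_id: str
    role: str


def _policy(effect: str) -> dict:
    return {"Version": "2012-10-17",
            "Statement": [{"Action": "execute-api:Invoke", "Effect": effect, "Resource": "*"}]}


def authorize(claims: dict) -> dict:
    """Lambda authorizer response shape: an IAM policy plus a context map.

    API Gateway forwards `context` to the backend as requestContext.authorizer,
    which the client cannot influence. Claims are assumed already verified here.
    """
    tenant = claims.get("tenant_id")
    sub = claims.get("sub")
    if not tenant or not sub:
        return {"principalId": "anonymous", "policyDocument": _policy("Deny"), "context": {}}
    return {
        "principalId": sub,
        "policyDocument": _policy("Allow"),
        "context": {"tenant_id": tenant, "user_id": sub, "role": claims.get("role", "read_only")},
    }


def context_from_event(event: dict) -> TenantContext:
    """Backend side: read the tenant from the authorizer context only."""
    ctx = event["requestContext"]["authorizer"]
    return TenantContext(ctx["tenant_id"], ctx["user_id"], ctx["role"])


def get_candidate(ctx: TenantContext, candidate_id: str) -> Optional[dict]:
    """The partition key embeds the authenticated tenant, so there is no query that
    can reach another tenant's rows even with a guessed candidate id."""
    return TABLE.get((f"TENANT#{ctx.tenant_id}", f"CANDIDATE#{candidate_id}"))


def handle_get_candidate(event: dict) -> dict:
    ctx = context_from_event(event)
    # Path parameters are untrusted input; any tenant_id present in them is ignored.
    candidate_id = event["pathParameters"]["candidate_id"]
    rec = get_candidate(ctx, candidate_id)
    if rec is None:
        # Same 404 whether the id exists elsewhere or not: no cross-tenant existence leak.
        return {"statusCode": 404, "body": "not found"}
    return {"statusCode": 200, "body": rec}


def build_event(claims: dict, candidate_id: str, tenant_param: Optional[str] = None) -> dict:
    """Constructed event in the shape API Gateway delivers after the authorizer has run."""
    auth = authorize(claims)
    params = {"candidate_id": candidate_id}
    if tenant_param is not None:  # attacker-supplied tenant hint, must have no effect
        params["tenant_id"] = tenant_param
    return {"requestContext": {"authorizer": auth["context"]}, "pathParameters": params}
```

The important property is that `handle_get_candidate` never reads a tenant from the path, query string or body; if the authorizer denies, API Gateway never invokes the backend at all.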

Encryption

All data is encrypted at rest using AES-256 and in transit using TLS 1.3. Sensitive PII fields additionally use envelope encryption: each field is encrypted with a data key, and that data key is itself wrapped by a key held in AWS KMS, so the plaintext key never leaves KMS-controlled storage.

  • AES-256 encryption at rest
  • TLS 1.3 in transit
  • Field-level PII encryption
  • KMS key management

Audit Logging

Immutable audit logs capture every sensitive action including approvals, exports, data access, and configuration changes. Exportable for compliance.

  • Append-only audit trail
  • Action, actor, and timestamp tracking
  • Export to CSV/JSON (Scale plan)
  • Retention configurable

Access Controls (RBAC)

Six granular roles control what users can see and do. Permissions are enforced at both the API and UI level.

  • Tenant Owner - Full access
  • Admin - Manage users and settings
  • Recruiter - Full hiring workflow
  • Hiring Manager - Job-specific access
  • Interviewer - Scorecards only
  • Read Only - View access

SSO & SAML

Enterprise customers can connect their identity provider via SAML 2.0. Supports Okta, Azure AD, Google Workspace, and custom SAML providers.

  • SAML 2.0 support
  • Role mapping from IdP
  • Just-in-time provisioning
  • Available on Scale plan

API Security

API keys are never stored in plaintext: only a salted hash is kept, and a short non-secret prefix identifies the key record so lookups never need to search on the secret itself. Keys can be rotated without downtime, and usage is tracked per key.

  • Hash+salt key storage
  • Key rotation support
  • Per-key usage tracking
  • Rate limiting per tenant
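To make the storage and rotation scheme concrete, here is an added Python example (not AtlasHire's code). The key format `ah_<prefix>_<secret>`, the in-memory store and the 24-hour rotation grace period are assumptions; the technique shown is the one the section describes: keep only a salted SHA-256 digest, look the record up by its public prefix, compare in constant time, and let an old key and its replacement overlap during rotation.

```python
"""API key issuance, salted-hash storage, prefix lookup and zero-downtime rotation.

Added example, not AtlasHire's code. Key format `ah_<prefix>_<secret>` and the
store layout are assumptions.
"""
import hashlib
import hmac
import secrets
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, Optional


@dataclass
class KeyRecord:
    prefix: str                         # public identifier, safe to index and log
    salt: bytes
    digest: bytes                       # sha256(salt || secret); the secret is never stored
    tenant_id: str
    created_at: datetime
    expires_at: Optional[datetime] = None   # set when the key is superseded by rotation
    uses: int = 0                       # per-key usage counter


class ApiKeyStore:
    def __init__(self) -> None:
        self._by_prefix: Dict[str, KeyRecord] = {}

    @staticmethod
    def _digest(salt: bytes, secret: str) -> bytes:
        # The secret carries 256 bits of entropy, so a single salted SHA-256 is
        # appropriate here; slow password hashes are for low-entropy passwords.
        return hashlib.sha256(salt + secret.encode()).digest()

    def issue(self, tenant_id: str, now: datetime) -> str:
        prefix = secrets.token_hex(4)           # 8 hex chars, no underscore
        secret = secrets.token_urlsafe(32)      # 256 bits of entropy
        salt = secrets.token_bytes(16)
        self._by_prefix[prefix] = KeyRecord(prefix, salt, self._digest(salt, secret), tenant_id, now)
        return f"ah_{prefix}_{secret}"          # shown to the caller exactly once

    def authenticate(self, presented: str, now: datetime) -> Optional[str]:
        """Return the tenant id for a valid key, else None (same answer for every failure)."""
        parts = presented.split("_", 2)         # secret may itself contain '_', hence maxsplit=2
        if len(parts) != 3 or parts[0] != "ah":
            return None
        _, prefix, secret = parts
        rec = self._by_prefix.get(prefix)
        if rec is None:
            return None
        if rec.expires_at is not None and now >= rec.expires_at:
            return None
        if not hmac.compare_digest(rec.digest, self._digest(rec.salt, secret)):
            return None
        rec.uses += 1
        return rec.tenant_id

    def rotate(self, tenant_id: str, prefix: str, now: datetime,
               grace: timedelta = timedelta(hours=24)) -> str:
        """Issue a replacement; the old key keeps working for `grace` so clients can cut over."""
        old = self._by_prefix.get(prefix)
        if old is None or old.tenant_id != tenant_id:
            raise KeyError("no such key for this tenant")
        old.expires_at = now + grace
        return self.issue(tenant_id, now)

    def revoke(self, tenant_id: str, prefix: str) -> None:
        """Immediate removal, for a key known to be compromised."""
        old = self._by_prefix.get(prefix)
        if old is not None and old.tenant_id == tenant_id:
            del self._by_prefix[prefix]

    def usage(self, prefix: str) -> int:
        return self._by_prefix[prefix].uses
```

Because the prefix is not secret it can appear in logs and dashboards, which is what makes per-key usage tracking and targeted revocation possible without ever handling the secret again.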

Compliance

Regulatory Compliance

Built-in features to help you meet GDPR, data retention, and industry compliance requirements.

GDPR Compliance

AtlasHire supports GDPR requirements including the right to erasure (Article 17). Candidates can request data deletion through a secure process.

  • Right to erasure requests
  • Data export on request
  • Consent tracking
  • EU data residency options

Data Retention Policies

Configure automatic data retention rules to archive or delete candidate data after a specified period. Helps maintain compliance with local regulations.

  • Configurable retention periods
  • Archive or delete options
  • 1 to 3,650 day range
  • Per-tenant settings

Background Check Security

Background check integrations use secure webhook endpoints with HMAC signature verification. Results are encrypted and access is logged.

  • HMAC webhook verification
  • Encrypted result storage
  • Access logging
  • Partner isolation
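The verification step for an inbound background-check webhook, as an added Python example (not AtlasHire's or any partner's code). The header names `X-Signature` and `X-Timestamp`, the signed string `"<timestamp>.<body>"` and the five-minute replay window are assumptions; the page states only that HMAC signature verification is used. The example also goes slightly beyond the text by rejecting stale timestamps, which is the usual companion to an HMAC check.

```python
"""Verifying an inbound webhook with HMAC-SHA256 and a timestamp window.

Added example, not AtlasHire's or a partner's code. Header names, signed-string
format and the replay window are assumptions.
"""
import hashlib
import hmac
import json

MAX_SKEW_SECONDS = 300  # reject old deliveries so a captured request cannot be replayed later


def sign(secret: bytes, timestamp: int, body: bytes) -> str:
    """Partner side: sign the raw request bytes as sent, never a re-serialised copy."""
    msg = str(timestamp).encode() + b"." + body
    return "sha256=" + hmac.new(secret, msg, hashlib.sha256).hexdigest()


def verify(secret: bytes, headers: dict, body: bytes, now: float) -> bool:
    sig = headers.get("X-Signature", "")
    ts = headers.get("X-Timestamp", "")
    if not sig.startswith("sha256=") or not ts.isdigit():
        return False
    if abs(now - int(ts)) > MAX_SKEW_SECONDS:
        return False
    expected = sign(secret, int(ts), body)
    # Constant-time comparison: a plain == returns early at the first differing byte.
    return hmac.compare_digest(expected, sig)


def handle_webhook(secret: bytes, headers: dict, body: bytes, now: float) -> dict:
    """Lambda-style handler: verify before parsing, so unauthenticated input never
    reaches the JSON parser or the business logic."""
    if not verify(secret, headers, body, now):
        return {"statusCode": 401, "body": "invalid signature"}
    event = json.loads(body)
    return {"statusCode": 200, "body": {"check_id": event["check_id"], "status": event["status"]}}


def constructed_delivery(secret: bytes, now: float):
    """Constructed sample delivery, as the partner would send it."""
    body = json.dumps({"check_id": "bc-123", "status": "clear"}).encode()
    headers = {"X-Timestamp": str(int(now)), "X-Signature": sign(secret, int(now), body)}
    return headers, body
```

Two practical points: the per-partner secret belongs in Secrets Manager rather than in code, and each partner should get its own secret so that a leaked secret cannot be used to forge another partner's results.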

Infrastructure & Operations

AWS Infrastructure

AtlasHire runs on AWS with serverless architecture for security and scalability.

  • Lambda + API Gateway
  • DynamoDB with encryption
  • S3 with bucket policies
  • Secrets Manager for keys

Network Security

Multiple layers of network protection and monitoring.

  • WAF protection
  • DDoS mitigation
  • Rate limiting
  • X-Ray tracing

Operational Security

Secure development and deployment practices.

  • CI/CD with CodeQL
  • Dependency scanning
  • No production access
  • Infrastructure as Code

Enterprise Security Features

Scale plan customers get access to advanced security features including SAML SSO, API access, audit log export, and configurable data retention policies.

  • SAML SSO
  • API Access
  • Audit Export
  • Retention Policies
View Scale plan

Security questions?

Our team is happy to discuss security details, provide documentation, or complete your vendor security questionnaire.

Contact Security Team