Security at Superb AI
Enterprises worldwide trust Superb AI to secure and protect their data pipelines - from ingesting raw data to exporting production-ready datasets.
Trusted and trustworthy
Protecting your data is our #1 priority, which is why we've built proactive risk detection, information governance, and privacy into the core of our platform. Our approach to security is rooted firmly in industry best practices and guided by the needs of customers in highly-regulated industries.
Data stored in the platform is 100% contractually owned by you - and will be forever.
Only people you trust can access your data with role-based access controls.
By default, all data is protected end-to-end using AES-256 encryption.
Thousands of companies, big and small, rely on Superb AI to protect and secure their computer vision data pipelines.
Security program highlights
Superb AI encrypts data at rest and transit using AWS S3 and AWS Aurora RDS. We use tools like AWS Key Management Service (KMS) to manage encryption keys.
Data Retention and Replication
Superb AI backs up all data daily using AWS RDS Backup and Restore. We keep this data for seven days and rigorously test restores every quarter in a developer environment. We also operate replication servers in all database servers for recovery purposes.
Superb AI regularly engages top security experts to conduct network and application penetration testing of the production environment. We also follow extensive in-house QA and vulnerability testing procedures while maintaining separate environments for development.
Superb AI provides role-based authorization in the form of 5 distinct roles (owner, admin, manager, labeler, and reviewer).
Each role has predefined privileges and access restrictions. We also provide full data export history for compliance purposes.
Superb AI uses Amazon Web Services to host our platform and fully utilizes the security products embedded within the AWS ecosystem. We also provide optional read-only access to Amazon S3, Google Cloud Storage, and Azure Blob. Log records are maintained for all actions taken on AWS S3 resources.
Raw data and label information uploaded onto the platform is stored in AWS S3. Other meta information, like meta-data, label meta-data, and project information, is stored within AWS Aurora RDS. All data can be exported at will, and full export logs are provided for management and compliance purposes.
Authentication is performed using industry-standard password policies. We use AWS Cognito, and there is no way to access passwords within the service. For API calls, we provide an SDK/CLI with an access key for API calls. For general id/password login, jwt is used.
Superb AI uses HTTPS for all communication and securely encrypts all protocols. We also use AWS WAF for firewall security, restricting blacklisted IPs for bot traffic or exploitation attempts. Furthermore, no user access to backend data is provided; clients can only access their own data within the platform itself or SDK/CLI using authentication.
Superb AI provides secure integration with Amazon S3, Google Cloud Storage, and Azure Blob Storage with access key authentication. As part of these integrations, we support optional read-only access to your buckets/containers and data assets. Your data, in this case, remains within your servers, and no copies of your data are created (locally or otherwise).
Definitely! Achieving and maintaining SOC-2 Type 2 certification is a significant milestone demonstrating our continued investment into building a safe and secure training data platform over the years. You can request a copy of our latest report through your customer success team or by contacting us here.