Security at Falconer
Our customers trust us to keep their data secure, and it's a responsibility we take seriously. Our security-minded approach is reflected in how we design our product, policies, and procedures.
Visit our Trust Center
SOC 2 Type II Certified
Trust and security are core to our commitment to our customers. Our enterprise-grade security features and comprehensive audits ensure we're aligned to industry best practices.
Enterprise-grade security & privacy
We combine best practices in system architecture and internal processes to keep your data safe.
Single Sign On
Falconer relies on trusted SSO providers (Google, GitHub, Okta) for authentication.
Data Encryption
All customer data is encrypted at rest and in transit, using AES 256-bit encryption and TLS 1.2+.
Data Isolation
For enterprise customers, Falconer provides single-tenant and on-premise deployments in your own Virtual Private Cloud.
Strict permissions enforcement
The Falconer agent ensures that its responses to a user include only resources that user has access to.
Third-party cloud providers
Our cloud providers comply with industry-leading security practices and frameworks, including SOC 2, ISO 27001, and PCI DSS.
Bring your own key
For enterprise customers, Falconer supports bringing your own LLM keys for maximum privacy and working with the model providers you trust.
Frequently asked questions
Is my data secure with Falconer?
Yes. Falconer is built with enterprise-grade security from the ground up. We deploy on AWS infrastructure with automated backups, security group restrictions, and encrypted data storage. All data is stored in secure, isolated environments with strict access controls.
What compliance certifications does Falconer have?
Falconer is SOC 2 Type II certified. We work with Vanta for security and compliance management, and all team members complete mandatory security awareness training.
How does Falconer handle access control?
Falconer implements granular access controls at multiple levels:
Tenant isolation: Each organization's data is completely isolated from other customers.
Selective access controls: Control which workspaces and folders are accessible to Falconer.
User permissions: Manage who can view, edit, and publish documents within your organization.
Integration permissions: Granular control over which repositories, Slack channels, and other sources Falconer can access.
We follow a defense-in-depth approach with two-layer access control: route middleware redirects unauthorized users, and API procedures verify access permissions.
Where is my data stored?
All Falconer infrastructure runs on AWS, with automated backup and audit logs. This ensures the system's optimal security, resilience, and auditability.
Can I use my own AI model keys?
Yes. For Enterprise customers, Falconer supports bring-your-own-key (BYOK) for AI models, allowing you to use your own API keys for services like OpenAI or Anthropic. This ensures your AI interactions remain under your control and billing.
What deployment options are available?
Falconer offers flexible deployment models to meet your security requirements:
Cloud-hosted: Fully managed by Falconer on AWS infrastructure.
VPC deployment: Isolated single-tenant deployment within a managed Virtual Private Cloud.
Bring your own cloud: On-premise deployments available for organizations with strict data residency requirements.
We work with customers to determine the right deployment model based on budget, compliance, and security needs.
How does Falconer protect sensitive information?
Falconer is designed to handle sensitive organizational knowledge securely:
Selective data ingestion: Choose exactly which repositories, documents, and channels Falconer can access.
No unauthorized access: Strict controls prevent access to data outside your approved scope.
Encrypted connections: All data transmission uses industry-standard encryption.
What security practices does Falconer follow?
Our security practices include:
SSO login: Required on all team accounts.
Security awareness training: Mandatory for all employees via Vanta.
Regular security reviews: Ongoing audits and compliance checks.
Secure development practices: Code review processes and automated security scanning.
Incident response: Documented procedures for security events.
Can I control what data Falconer accesses?
Absolutely. Falconer provides granular control over data access:
Repository-level control: Select specific GitHub repositories to connect.
Resource selection: Granularly choose which documents or folders from Notion, Confluence, or Google Drive you share with Falconer.
Channel filtering: Control which Slack channels Falconer can read.
Document-level permissions: Manage access to individual documents and collections.
You maintain full control over what information Falconer can access and process, and who among your workforce gets access to any resource.
How does Falconer handle authentication?
Falconer uses secure authentication mechanisms:
OAuth integration with your existing identity providers.
Session management via secure encrypted cookies.
Automatic credential rotation and secure token storage.
What happens to my data if I stop using Falconer?
You maintain ownership of your data at all times. If you choose to stop using Falconer, we provide:
Data export capabilities to retrieve your content.
Clear data deletion procedures upon request.
No vendor lock-in for your organizational knowledge.
How can I learn more about Falconer's security?
For detailed security discussions or to review our security documentation, please contact our support channels. We're happy to provide additional information about our security architecture, compliance roadmap, and specific controls relevant to your organization's requirements.