AWS
Azure
GCP
SSL · TLS 1.3
KYC
RIGHT
SOURCE
Server
Database
Backup
Deployment

Run it where your policy says it must run.

Multi-tenant cloud SaaS, dedicated single-tenant private cloud, or an on-premise bundle for regulated environments — the same API, the same dashboard, the same SLAs across all three.

Most Popular

Cloud SaaS

Multi-tenant, fully managed by us. Best price-per-scan. Day-one access from anywhere.

  • Zero infrastructure overhead
  • 99.99 % uptime SLA
  • Auto-scaling across regions
  • Continuous list updates
Single-Tenant

Private Cloud

Dedicated environment in your VPC (AWS, Azure, GCP). Choice of data residency, dedicated keys.

  • Customer-managed encryption keys
  • Data residency in CA · UAE · ZA · EU
  • VPC peering, PrivateLink endpoints
  • Quarterly penetration-test reports
Air-Gapped

On-Premise

Containerised bundle deployed inside your infrastructure. Full sovereignty for regulated banks & defence.

  • Helm chart / Kubernetes ready
  • Offline list-update bundles
  • Zero outbound dependencies
  • Optional vendor-supported HA
Security & Infrastructure

Hardened by default. AI-monitored 24/7.

Every deployment ships with end-to-end encryption, DDoS protection, daily encrypted backups, and AI-driven threat detection — no add-on required, no upsell at renewal.

Encryption

SSL / TLS 1.3

End-to-end encryption on every API call and dashboard session. Perfect-forward secrecy, HSTS preload, OCSP stapling.

At rest

AES-256 at rest

All stored data encrypted with AES-256-GCM. Customer-managed keys (KMS / HSM) on Private Cloud and On-Premise tiers.

Edge defence

DDoS mitigation

Multi-Tbps anycast scrubbing at the edge. Layer-3, 4 and 7 attacks absorbed before they reach your tenant.

Application

WAF — OWASP Top 10

Managed Web Application Firewall covering injection, XSS, CSRF, broken auth and the rest of the OWASP catalogue. Custom rules supported.

AI · Detection

Anomaly detection

ML model scores every session and API call in real time — unusual geo, unusual volume, unusual entity-graph deviations get auto-flagged.

AI · Response

Auto-triage threats

Suspected incidents are clustered, deduplicated and ranked. Your security team gets one prioritised queue, not a flood of alerts.

Resilience

Multi-region failover

Active-active across two regions per residency zone. RTO < 30 seconds, RPO < 5 seconds. Failover is transparent to your callers.

Backup

Encrypted backups

Daily snapshots, encrypted with separate keys, retained 30 days by default. Point-in-time recovery to any second within the last 7 days.

99.99%
Uptime SLA · last 90 days
All Regions
Operational
90 days agoToday
Compliance posture

Audit-ready out of the box

ISO 27001:2022, GDPR & PIPEDA, PCI-DSS aligned, FINTRAC-ready. Quarterly penetration tests on Private Cloud and Enterprise tiers; reports available on request.

Compare

What changes between the three.

CapabilityCloud SaaSPrivate CloudOn-Premise
REST API & dashboard
Daily list refreshOffline bundle
Customer-managed encryption keys
VPC peering / PrivateLink✓ (internal)
Outbound network dependenciesHTTPS onlyHTTPS onlyNone
Multi-region failoverBuilt-inOptionalCustomer-managed
Time to liveSame day~2 weeks~4 weeks
SLA tier99.99 %99.99 %Per contract
Data Residency

Pick the region your regulator wants.

Your screening data sits in the region you choose. We never replicate across borders without a contracted reason.

🇨🇦 Canada · Toronto
🇺🇸 United States · Virginia
🇲🇽 Mexico · Querétaro
🇪🇺 European Union · Frankfurt
🇬🇧 United Kingdom · London
🇮🇪 Ireland · Dublin
🇩🇪 Germany · Frankfurt
🇫🇷 France · Paris
🇳🇱 Netherlands · Amsterdam
🇪🇸 Spain · Madrid
🇮🇹 Italy · Milan
🇸🇪 Sweden · Stockholm
🇳🇴 Norway · Oslo
🇨🇭 Switzerland · Zurich
🇦🇪 UAE · Sharjah
🇸🇦 Saudi Arabia · Riyadh
🇶🇦 Qatar · Doha
🇧🇭 Bahrain · Manama
🇰🇼 Kuwait · Kuwait City
🇴🇲 Oman · Muscat
🇮🇱 Israel · Tel Aviv
🇿🇦 South Africa · Pinetown
🇸🇬 Singapore · Singapore
🇯🇵 Japan · Tokyo
🇰🇷 South Korea · Seoul
🇹🇼 Taiwan · Taipei
🇮🇳 India · Mumbai
🇦🇺 Australia · Sydney
🇳🇿 New Zealand · Auckland
🇧🇷 Brazil · São Paulo
🇨🇱 Chile · Santiago
No hosting in sanctioned jurisdictions. We do not provision infrastructure in regions designated under OFAC, UN, EU or HM Treasury sanctions programmes — including (without limitation) the Russian Federation, the Islamic Republic of Iran, the People's Republic of China, the Democratic People's Republic of Korea, Belarus, Cuba, Syria, Venezuela, Myanmar, the non-government-controlled areas of Ukraine, and other restricted territories. New jurisdictions are added only after a current FATF and sanctions-screening review.
Get Started

Choose your path. We'll help you ship.

Tell us your jurisdictions and infrastructure constraints — we recommend the right deployment in 24 hours.

Talk to Sales
Empowered by
Certified ISO 27001 ISO 9001 ISO 20000-1 ISO 22301 GDPR PCI DSS PEPPOL Access Point