FIPS 140-3
OS-level CMVP-validated cryptography (NIST CMVP #4823, #4750).
Trust & Security
Built for environments where data sovereignty is non-negotiable
logrok is designed for classified, air-gapped, and regulated networks. Here is exactly what that means — every claim maps to a control you can verify in an evaluation.
Compliance & standards
DISA STIG
Hardened to Defense Information Systems Agency security benchmarks.
CIS Level 1
Center for Internet Security baseline hardening.
NIST SP 800-53
Aligned with the security controls for federal information systems.
CMMC Level 2
Supports controlled unclassified information (CUI) handling.
OCSF v1.3
Open Cybersecurity Schema for vendor-neutral detection and allied interop.
Deployment & data sovereignty
Zero telemetry
logrok makes no call-home. Nothing about your environment is sent anywhere.
Air-gap capable
Offline container images and offline license activation — runs with no internet path.
Your perimeter, your data
All collection, detection, and storage happen on infrastructure you control.
Security architecture
Encryption at rest
AES-256-GCM with per-tenant data-encryption keys.
Strong authentication
MFA / SSO via FIDO2, YubiKey, Passkeys, and CAC/PIV smart cards.
Tamper-evident audit
Append-only audit trail of every platform action, attributable per user.
Access control
Role-based access control (Casbin) with fine-grained resource permissions.
Tenant isolation
Defense-in-depth multi-tenant isolation enforced by database row-level security.
Encrypted secrets
Credentials and integration secrets stored encrypted at rest.
Responsible disclosure
Found a security issue? Email security@logiqum.com with details and we'll respond promptly. We appreciate coordinated disclosure.