Lazarus General Security

LazarusAI Trust Center

Start your security review
View & download sensitive information
Ask for information
ControlK

Overview

Welcome to Lazarus AI's LazarusAI Trust Center. Our commitment to data privacy and security is embedded in every part of our business. Use this LazarusAI Trust Center to learn about our security posture and request access to our security documentation.

Compliance

SOC 2 Type 2 Logo
SOC 2 Type 2
GDPR Logo
GDPR
GLBA Logo
GLBA
CMMC Logo
CMMC

Lazarus AI is reviewed and trusted by

Sensiba LLP-company-logoSensiba LLP

Documents

REPORTSData Flow Diagram (DFD)
REPORTSPentest Report
REPORTSSOC 2 Report
COMPLIANCEGDPR
PRODUCT SECURITYAudit Logging
PRODUCT SECURITYData Security
PRODUCT SECURITYMulti-Factor Authentication
PRODUCT SECURITYRole-Based Access Control
PRODUCT SECURITYService-Level Agreement
DATA SECURITYAccess Monitoring
DATA SECURITYData Asset Classification
DATA SECURITYData Backups

Risk Profile

Impact LevelSubstantial
Recovery Time Objective24-48 hours
Recovery Point Objective24-48 hours
View more

Product Security

Audit Logging
Data Security
Multi-Factor Authentication
View more

Reports

SOC 2 Report
Data Flow Diagram (DFD)
Pentest Report

Self-Assessments

We are working on our security compliance. We can provide completed questionnaires upon request.

Data Security

Access Monitoring
Data Asset Classification
Data Backups
View more

App Security

Responsible Disclosure
Application Penetration Testing
Code Analysis
View more

AI

AI Governance
Responsible AI Statement
Employee AI Usage

ESG

Anti-Bribery and Corruption
Code of Ethics

Legal

SubprocessorsAmazon Web Services (AWS)-company-logoGoogle-company-logoLambda Labs-company-logoDatadog-company-logoMicrosoft Azure-company-logo
Privacy Policy
Cyber Insurance
View more

Data Privacy

Data Breach Notifications
Data Into System
Data Out of System
View more

Access Control

Access Log Management
Data Access
Device Lock
View more

Infrastructure

BC/DR
Google Cloud Platform
Infrastructure Security
View more

Endpoint Security

Anti-Malware
Disk Encryption
DNS Filtering
View more

Network Security

IDS/IPS
Network Penetration Testing
Security Information and Event Management

Corporate Security

Asset Management Practices
Email Protection
Employee Handbook
View more

Policies

Acceptable Use Policy
Asset Authorization and Monitoring Policy
Asset Management Policy
View more

Security Grades

We are constantly monitoring the security of our website. We will post our grades from public security rating agencies when they become available.

Incident Response

Designated Response Personnel
Incident Reporting Process
Pager Service

Risk Management

Risk Assessments

Asset Management

Asset Classification
Asset Inventories (Hardware/Software)
Asset Tracking
View more

BC/DR

Business Continuity Plan (BCP)
Critical Assets
Data Backup/Backup Protection

Training

Employee Privacy Training
Phishing Training
Security Awareness Training
View more

Change Management

Change Management Program
Change Restrictions
Changes Notification & Verification
View more

Physical & Environment

Access Monitoring
Alarms & Surveillance
Alternate Work Sites
View more

Continuous Monitoring

Automated Alert Response
Automated Compliance Monitoring
Event & Audit Log Management
View more
LazarusAI Trust Center Updates

Lazarus General Security

Copy link
General

A Message from the CISO

At Lazarus AI, our commitment to transparency is as foundational as the technology we build. As we expand our footprint within the European Union, we are proud to share our latest Data Security Statement for EU Deployment.

This document outlines the rigorous technical and organizational safeguards we employ to protect your data. Formally approved on February 9, 2026, by our CTO and myself, this statement serves as a roadmap for how we maintain integrity across our EU-based infrastructure.
Key Highlights of the EU Security Framework

Regional Infrastructure: Our EU microservice infrastructure and databases are hosted via Google Cloud Platform (GCP).

Encryption Standards: All data is encrypted at rest using AES-256 and in transit via TLS 1.2.

Certified Security: All utilized databases and endpoints are managed by Google and maintain SOC-1 and SOC-2 certification.

Controlled Access: Direct database access is strictly limited to authorized software engineers and administrators who have signed formal NDAs.

Third-Party Rigor: We utilize industry leaders—including GCP, Microsoft Azure, OpenAI, and DeepL—to provide high-performance models and optional translation services.

Proactive Data Protection & HIPAA Mode

We understand that different organizations have unique compliance needs. To provide maximum flexibility, we offer an "HIPAA Mode". When enabled, this allows users to forgo the storage of response data on our servers entirely, ensuring that your organization maintains complete control over sensitive outputs.
Our Breach Response Commitment

While we prioritize prevention, we maintain a structured 7-step response plan for any suspected data breach:

Investigation: Immediate verification of the suspected breach.

Dual-Team Deployment: Simultaneous focus on developing a fix and identifying the root cause.

Client Notification: Impacted clients are notified immediately regarding the extent of the event.

Containment: Affected database credentials are reset or blocked.

Remediation: Implementation of software fixes to remove any identified bugs or malfunctions.

Safety Update: Notifying clients of new safety measures once the fix is verified.

Prevention: Working with customers to enforce best practices and prevent future occurrences.

Access the Full Statement

The complete Lazarus APIs Security Statement (EU Deployment) is now available for review in our documentation library. We encourage all EU-based partners to review these protocols to see how we integrate into your existing security stack.

Jon Bethea
Chief Information Security Officer
Lazarus AI