Security First.Privacy by Design.

PulseHold is in MVP stage. This page reflects our current architecture direction and implementation goals.

Security roadmap

Controls we are implementing and validating before general availability

Encryption standards

We are implementing modern encryption primitives for data at rest and in transit, with versioned key management.

Privacy-preserving design

We minimize collected data and design access controls so internal visibility is limited to operational need.

Resilience

We are designing for high availability with staged deployments, backups, and recovery testing.

Billing privacy

Billing options are still being finalized. We will publish supported methods and data-handling details before launch.

Session security

Session management and transport protections are being implemented as part of the authentication rollout.

Independent verification

We plan to publish technical docs and pursue external review as the platform matures.

Technical direction

Encryption profile (target)

At Rest

  • • AES-256-GCM
  • • Argon2id key derivation
  • • Per-record key scoping
  • • Authenticated encryption

In Transit

  • • TLS 1.3
  • • Secure transport defaults
  • • Forward secrecy where applicable
  • • Ongoing hardening

Privacy commitments

Data Collection

  • • Data minimization by default
  • • Limited operational logging
  • • No ad-tech tracking planned
  • • Transparent data policy before launch

Access Control

  • • Least-privilege internal access
  • • Key separation strategy
  • • Authentication hardening in progress
  • • Auditability improvements in roadmap

Compliance and assurance status

• SOC 2: Not certified at MVP stage

• Third-party audits: Not yet completed

• Regulatory alignment: Under review for launch readiness

• Transparency reporting: Planned post-launch

Threat model focus

Privacy Threats

  • • Unauthorized data access
  • • Over-collection of user data
  • • Infrastructure misconfiguration
  • • Metadata leakage risks
  • • Credential compromise

Attack Vectors

  • • Man-in-the-middle attacks
  • • Server compromise attempts
  • • Database breaches
  • • Supply chain attacks
  • • Social engineering

Trust through transparency

We publish what is implemented today and what is still in progress so customers can evaluate risk with clear expectations.

Want early access updates?

Join the waitlist for launch announcements and product progress updates.

Join the Waitlist