Trust Center

Enterprise buyers need evidence, not claims. This page summarizes the controls, architecture safeguards, and proof package available during security review.

ARCHITECTURE

Reinventing Security with patented architecture

Astran is secure and resilient by design. Our patented cryptographic architecture makes critical data usable during disruption, without relying on a single cloud, a single key, or a single point of failure.
  • Design and execute multi-step, multi-branch processes with strong RBAC controls across process actions and data access
  • Patented AONT-RS cryptography stream and fragmentation for controlled access
  • Multi-cloud, immutable storage for availability under crisis
  • Universal keyless API and identity management system enabling fully independent execution under disruption
Our cryptographic architecture is validated by Professor Nigel Smart (KU Leuven — co-inventor of ECDSA, former President of the IACR) and Professor Ludovic Perret (Sorbonne — contributor to the NIST post-quantum standardization process), both referenced in the NIST multi-party threshold cryptography workshop.

Astran patented security architecture: executed process, AONT-RS cryptography stream, and distributed immutable storage

COMPLIANCE

Certification & continuous testing

Independent assurance, continuous testing, and a clear control maturity roadmap.

SOC 2 - Type 2 certification badge
Astran is SOC 2 - Type 2 Certified

Independent audits validate controls for security, availability, and confidentiality.

WhiteBox penetration testing icon
WhiteBox Pentest – Security Always On

Regular white-box penetration testing identifies and mitigates exploitable vulnerabilities.

ISO 27001 program icon
ISO 27001 (in progress)

The ISO 27001 certification path is underway to reinforce governance and control maturity.

SECURITY DUE DILIGENCE

Security package available on request.

SOC 2 Type II executive summary, security architecture brief, standard procurement questionnaire responses, and penetration testing attestation.

Request the package →

RECOGNITION

Awards and recognitions

Recognized by cybersecurity and finance ecosystems for innovation, resilience, and execution under crisis.

Les Assises 2025

Innovation Award at Les Assises de la Cybersécurité.

Treasury Innovation Day 2025

Recognized with the Security Prize for resilient treasury execution.

Ciso’s Choice Award 2024: Europe’s Most Promising CyberSecurity Solution

Awarded by a panel of enterprise CISOs at ECSO.

Winner of the European Cybersecurity Competence Centre Access2Market Award

Recognized during European Cyber Week for market impact.

The Jury's Favorite Award at FIC 2023

Distinguished by the FIC expert jury in Lille.

Laureate of the 2024 I-Nov competition

Selected for innovation potential and economic impact in France.

Part of a NIST standardization process

Research contribution recognized in threshold and AONT-related work.

Part of the SecNumCloud Acceleration Program

Selected by French institutions to accelerate trusted cloud readiness.

Part of the Government’s investment program “PIA-4”

Supported through the national research and innovation framework.

Winner of the 2022 I-Lab competition

Recognized for building a high-potential deep-tech venture.

REGULATORY ALIGNMENT

Aligned with operational resilience frameworks.

DORA — Art. 11

ICT business continuity execution capability

AlwaysReady aligned — audit evidence available on request

NIS2 — Chapter IV

Operational continuity and recovery measures

AlwaysReady aligned — audit evidence available on request

ISO 22301

Business continuity operational procedures

AlwaysReady aligned — audit evidence available on request

UK PRA / FCA

Operational resilience impact tolerance

AlwaysReady aligned — audit evidence available on request