Security & Privacy at Canoma
Canoma helps teams create, convert, and upgrade SIEM rules. We process rule text, schema metadata, and business account data (name, email, SSO identifiers). We do not ingest raw logs or special-category data.
Security controls include encryption in transit (TLS 1.2+) and at rest, SSO/SAML/OIDC, RBAC with least privilege, and audit logs for key actions (90-day retention). All outputs pass static schema validation before deployment; you can review side-by-side diffs and rationale.
You choose where Canoma runs: our cloud (UAE by default), your VPC, or on-prem. For private deployments we support BYOK and key rotation. We publish a DPA, a sub-processor list(with 30-day change notice), and a pen-test attestation. Questions? security@canoma.app / privacy@canoma.app.