Our Security Practices

We only use industry vetted software and keep a close eye on any reported security exploits. Our number one priority is to keep sensitive data such as secrets or passwords out of any cloud infrastructure.

We do not store your networking device password database. All administrative passwords are stored in your own database such as Azure or Active Directory. We merely forward any authentication requests to your own infrastructure.

We strip out sensitive information such as passwords and keys from your configuration files before anything leaves your data center for offsite backup. Configuration backups will not record secrets unless you enable it.

Every deployment is segmented with a strict "nothing goes in or out" policy.

Only required traffic is allowed by white list.

Each client gets their own dedicated infrastructure with strict access controls in place.

All access to Realm Helm cloud components are logged and require authentication against our dedicated Oauth2 infrastructure using current best practice encrypted authentication flows.

Secrets are NEVER stored or sent unencrypted. Connectivity is only allowed to properly authenticated and authorized services.


All data is hosted in a SOC 2 Type II and SOC 3 Type II certified data center and hosting provider.

We are in the process of becoming SOC 2 certified.

Report a vulnerability

We strive to offer a secure and trustworthy service. If you have any questions, concerns, or would like to responsibly disclose a potential issue, please get in touch with us by email at [email protected].