Prodegy Vault Enterprise gives regulated organisations access control, audit integrity, and evidence exports to support security reviews and compliance programmes. We ship controls first; formal SOC 2 / ISO attestations for the service are planned — we do not claim them today.
AES-256
Client-side encryption
99.99%
Enterprise SLA
100%
Zero-knowledge
24/7
Dedicated support
Frameworks we build controls for
Labels describe product control areas — not issued certificates. See compliance readiness for detail.
What you get immediately
Enterprise capabilities
From identity federation to compliance-oriented evidence exports — every enterprise feature ships as a first-class module, not an afterthought.
Connect Okta, Azure AD, Google Workspace, or any SAML 2.0 identity provider. Users authenticate through your existing IdP — no separate credential set required. (Shipping Q2 2026.)
Automate user lifecycle management — provision, deprovision, and update vault access as employees join, change roles, or leave. Group-based policy assignment syncs in real time. (Shipping Q2 2026.)
Export audit logs, access records, rotation history, and policy configurations in formats that align with what ISO 27001, SOC 2, GDPR, DPDPA, and PCI-DSS programmes typically request — to support your auditors, not as proof of our certification.
Block high-sensitivity secrets from sharing outside approved domains. DLP rules trigger alerts, block the action, and log a violation record — all without requiring user intervention.
Build permission sets beyond Owner/Editor/Viewer. Map vault access to job functions, create approval chains, and enforce least-privilege at the secret level, not just the vault level.
Stream all audit events to Splunk, Datadog, or any SIEM endpoint via webhook. Configure alert thresholds so your SOC team is notified before a violation becomes an incident.
Team members request time-boxed access to sensitive secrets with a business reason. Approvers review, approve, and the access is revoked automatically when the window expires.
Schedule rotation for API keys, DB credentials, and certificates. Rotation events are logged with before/after state so compliance evidence is captured without manual documentation.
Every Enterprise account gets a dedicated Customer Success Manager, a private Slack channel with the Prodegy engineering team, and response SLAs measured in minutes, not hours.
Deployment
Our enterprise onboarding team handles migration, configuration, and team training so your rollout isn't a distraction from the business.
We map your current secrets sprawl, team structure, and compliance obligations to design the right rollout plan.
We configure RBAC, SCIM/SSO, DLP policies, and audit retention to match your security baseline — before your team migrates a single secret.
Bulk import secrets from existing tools (1Password, Bitwarden, LastPass, spreadsheets) with our migration tooling and team walkthrough.
Quarterly reviews, roadmap alignment, and dedicated support ensure Prodegy Vault grows with your security maturity.
Technical and organisational controls designed so you can run serious security and compliance programmes — formal third-party attestations for ProdegyVault are on our roadmap; we are transparent that we are not certified yet.
ISO 27001
Security management practices and evidence you can map to Annex A — we are not ISO 27001 certified as a company until our audit programme completes
SOC 2
Logging, access, and availability practices aligned with common trust criteria — SOC 2 Type II attestation for the service is planned, not claimed today
GDPR / DPDPA
Data minimisation, consent logging, retention, and export tooling to support your privacy obligations — you remain responsible for lawful basis and contracts
PCI-oriented
Encryption, access control, audit trails, and rotation suitable for parts of cardholder environments — scoped use with your QSA; not a PCI DSS label on ProdegyVault
Customer stories
"Prodegy Vault replaced three separate tools we were using for secrets management, document governance, and audit preparation. Exportable trails cut manual prep time ahead of our annual security and vendor reviews."
"The DLP policies alone saved us from a GDPR incident. A contractor tried to share a customer credential with a personal email address — the vault blocked it and alerted me in real time."
"Onboarding 80 engineers took two days, not two months. The RBAC model maps directly to our engineering hierarchy and the audit logs gave our board confidence during due diligence."
Tell us about your team size, compliance requirements, and current tools. We'll design a rollout plan that fits your timeline and security standards.
We'll reply within 1 business day.