Security

Built for Security-First

Aiden is designed for organizations that cannot afford ambiguity in how systems are accessed, software is deployed, or controls are enforced. Our security model prioritizes customer control, minimized attack surface, and independent assurance, without requiring persistent access to your environment.

Security Model Overview

Aiden operates on a customer-controlled execution model. We do not maintain persistent connections to customer endpoints, and we do not require standing network access to customer environments. All execution is explicitly authorized and initiated by the customer.
This approach reduces risk by design. There is no always-on agent, no inbound VPN access, and no continuous presence inside customer networks. Customers remain in full control of when and how Aiden runs.

Independent Assurance and Governance

Aiden maintains a current SOC 2 Type II report covering the Security, Availability, and Confidentiality Trust Services Criteria. The examination is performed by an independent third-party auditor, Schneider Downs, and evaluates both the design and operating effectiveness of Aiden’s controls.
SOC 2 reports are available to customers and prospects under NDA upon request through Aiden support or their assigned technical account manager.

Customer Control and Access Boundaries

Aiden is intentionally designed to operate without direct network access to customer environments.

  • No VPN or inbound network access is required
  • No persistent or always-on endpoint agent is installed
  • Aiden does not maintain standing credentials inside customer systems
  • Execution is customer-initiated and customer-authorized

This model ensures customers retain control over execution timing, scope, and authorization while minimizing the risk associated with long-lived access or background services.

Software Integrity and Supply Chain Security

Aiden deploys software using original, unmodified, digitally signed installation files from the software developer. We do not repackage binaries or obscure deployment artifacts.
Key safeguards include:

  • Signed binaries only, verified prior to deployment
  • Transparent packages visible to customer security tools and engineers
  • Mandatory internal peer review for source code changes
  • Third-party code scanning to detect vulnerabilities and unsafe dependencies

This approach supports supply chain integrity while allowing customers to independently inspect and validate deployed components.

Encryption, Monitoring, and Resilience

All data between Aiden services and customer environments is encrypted in transit using industry-standard TLS and is encrypted at rest. Software and package repositories are continuously monitored to detect unauthorized changes.

Additional controls include:

  • Continuous system monitoring and alerting
  • Periodic third-party penetration testing
  • Multi-layered backup and recovery practices
  • Least-privileged access controls with enforced MFA

These measures support operational resilience while enabling early detection and response to potential threats.

Secure Repository Synchronization

Customer software and package repositories are synchronized using encrypted, one-time authentication keys approved by authorized personnel on both sides. Once established, neither Aiden nor the customer retains the key.
Each repository is isolated per customer and continuously monitored to ensure integrity.

Enterprise-Grade Security by Design

Aiden’s internal systems and supporting infrastructure use enterprise-grade technologies selected for their mature security controls, reliability, and auditability. Security is treated as a foundational requirement, not an add-on feature.

Questions or Documentation Requests

Customers and prospects may request security documentation, including SOC 2 reports, through Aiden support or their assigned technical account manager.