Security at Prevu3D
How our multifaceted approach to security keeps your data safe
Prevu3D is committed to the protection of our customers’ data.
We maintain that commitment by ensuring that all the data we store with our systems is secure, private, and available.
We do this by maintaining our practices with the industry’s most rigorous enterprise-grade certifications in security, privacy, and availability. These certifications highlight our transparency and commitment to providing the highest level of service possible for clients.
Compliance and audits
Prevu3D is SOC 2 Type 2 certified. The audit was performed by Prescient Assurance.
Prevu3D is recognized as a Cybersecure Canada compliant organization by Innovation, Science and Economic Development Canada. The audit was performed by CyberSecurity Canada.
Prevu3D’s Cloud Platform is tested for security vulnerabilities by an independent third party at least annually.
Cloud Security
Prevu3D’s AWS environment follows the security recommendations established by the AWS Well-Architected Framework. Accounts isolate different workloads and environments, activity is logged and monitored across the organization and every asset is given minimum access to network and API resources. Prevu3D uses AWS Security Hub, AWS GuardDuty, AWS Inspector and AWS Config to monitor the security of its infrastructure. Production workloads typically use serverless functions or containers to minimize the risks associated with unmanaged AWS EC2 instances.
Data Encryption
Prevu3D always encrypts data at rest and in transit. Data is transferred using TLS1.2 or TLS1.3 with AES-GCM or Chacha20 ciphers. To encrypt data at rest, Prevu3D leverages tools like AWS KMS, Bitlocker and LUKS2 to ensure that drives and cloud storage services keep your data encrypted at all times. Keys are stored in specialized hardware (TPM, HSM, …) to protect against access by a malicious actor.
Access Control
At Prevu3D, the principle of least-privilege is strictly applied to networks, applications and infrastructure. Workstations are isolated from each other and no inbound connections are accepted. This is possible thanks to the use of Zero Trust Network Access services. Prevu3D’s ZTNA strategy also allows for control of access based on strong identity, device security posture and network location. Multi-factor authentication is enforced for every employee, using either time-based OTP or Webauthn with Yubikey. Prevu3D conducts access reviews quarterly.
Vulnerability Disclosure
Prevu3D provides a legal safe harbor to good-faith security researchers. To report security issues, you can reach us at [email protected] or contact us using our VDP form on Federacy. Prevu3D always responds to bug reports within 24 hours.
—–BEGIN PGP PUBLIC KEY BLOCK—–
Comment: User-ID: Prevu3D Security <[email protected]>
Comment: Created: 2025-10-17 12:00 PM
Comment: Expires: 2028-10-17 12:00 PM
Comment: Type: 4096-bit RSA (secret key available)
Comment: Usage: Signing, Encryption, Certifying User-IDs
Comment: Fingerprint: 3C393DE83048E3D9DA46241B7A197E4D1E574E0B
mQINBGjyaKsBEADiq+jZxGHDwL9LC9bz0TFgZ+0zhRxr/GnBgUVyDnjO3JBfVh0g
mpNwvN4DG9PT1WWZvyjDkrflxGibosARq4P2gz+lHoz53jXP646Bt/lxxfNDnUez
H7GtwAqKk5oV/EWYuNYbnwJ6gpg7O54QVvsgY+bnyaaevyYnSKG9tc05ISOPf7/G
P1Irn/n4eOUQEUx80hfiPNKDq1FpzD0l+1+QLYm2V3Of5VcN1zqmeGrlvPB4eac4
Wzt/7omU09IY1GFLCM/+Vpn1vUstIGUafKD9e183bLJI8eIJ88gZ9c4ZXioPHqLl
Hzs/J05Hvc+w/OoVYWAZyqeJszSVS+jfD0hpBkaPwIxRSnlnxYp9WIa/pPr7oS5J
P3PDSYd+OcqmZwlWIxWKL1jyIPYHlx9B0CvHN6jUhj2xNIsgJubEF4V2SlzJwPq5
hlDmwuEnlGlZygCFTttuPlFLpsbNmmvTey9/HcqtnJrOfzXVJQRv1v1aNoBOivPO
lottLKX/FOnPGiQvorOcv2JBgV5RgFI0KRAUw/d0w9ehsJoXmzgUEZX6uM47yoZA
OX9XIbCtIZKyikbxHvRLFwm60Y+Ma9mxP83c/whpqSW5RN1mrwnVtspZ+PpCekw8
GKmqlVyIJ19M1uaR6vW6bofyG3bXae3bYkCwd2wneRQmQtZVZlL4HMgF2wARAQAB
tCdQcmV2dTNEIFNlY3VyaXR5IDxzZWN1cml0eUBwcmV2dTNkLmNvbT6JAlcEEwEI
AEEWIQQ8OT3oMEjj2dpGJBt6GX5NHldOCwUCaPJoqwIbAwUJBaTrVQULCQgHAgIi
AgYVCgkICwIEFgIDAQIeBwIXgAAKCRB6GX5NHldOC2sAD/9Bt6dIrb2KBKPxPwnR
e3oa16IngU/XxcbPb4vId0ixEkn9CP7AOvsLh50hNnML2O35S3BmHt/XNPVTeqTq
TOppmVjHgsEHulKHNJqxSi2oUi9a19yxbLgyCSk8B4WhicgHyA7AogU+RWEmwro1
M+VTaOdIGF0tlcJQaC2rfustzdIBemN8cZ6OgzgA1/8Ay/mXYHsB/ZsJeSN6e3qW
9ylS3MHDC0zq8irben3B5aXVPxy+luLzfEsS+yQULXcRoTLXUOOBzELtXQXi+NM/
cGymmrvo9hnbv7x5JBEoWpqvpZsdWxEnYINB6XjbrKGBixqXREqB9vGGhcBZkekZ
ETrzRHDzRrPJSMeFy3kAqKyDYmgrg8lBiBuwDY/2bxxrSzixnjXPchnSJZ3d43Qz
boJnAwhR7BQDRvBYIgsCSsIVAxdSgVNqjlFNRJaehSWvqo6k3r8ZP6tHDMGRIqGC
E/7XW0k5Fs0aulFWlD/Gfjne4QxXGHnmAVSVKo3FfZmuu2Vz3zaZUK63wNDUZqrO
rTSRZyFFbXbGEp3QsYJmz0n94h/GJkVSK9B4YSXWxrn1nlAF+ObtGQ7e2YGBPTpb
pGdU7KcjAuW8ydrniMLv/WKVlaurn5vwHwsdlGegB4QRKc4A3MrnI81I2mYrBXYD
jfUVOa3I/KQD4hhyfs6ChofeI7kCDQRo8mirARAAvzHXFozzrFPBbWpAPY/ITUeV
PThdjcE/BJ4pkRNtXRJ5zlZSnC44iNrPBWl8TVQCwCr1BIywJLxQMCUHO4rxjh4+
Olq58Vb9RdHX7zWzs38lMZPfXQTnjuoF340MW3YMrPVSJefN3lhHf3Er81yBbo85
mlpIgAA/YbCjfsXU9IOc4QklrE0XOrVcP5skxvtsduKmBmMTaoYXdZDcECkP9DqM
9oYvj2bGyBWvTtA1+l/zDEhiaom+la2wtuAELpcGkT0aQfn++MqwxmiqayfB33t8
LJJRkheHLn6AwCFVmeAmjnHzUrQUnOdZCWnuzTpXEAuXZ74o8WtV/7EJp6OTjaLh
2ozev3sbAGCfkKNEgPoFwBURzZMEYqa/XVlkXbaKZgUb05g7WND+WHU3nvdIFUgf
aEYmHEmgVeAz+OEXi94QiW61n3jZSm1m3Ksnkm+pOxoOPeIg77juIbgiRThl2kwS
BGkaP+T1BrBB9Lv0fEfZ7LzXgvk0BqeVtKG9H232yuMVYKnanR2ZE+VroNcNRi96
5TjXqt28v8naRA0bDyx7q3gKBSH6W+qikfzWgdUs4G4YNE6rFc07JpIaxRYGbbIg
Cwli68dTJG/iJZncWGPHdG1QFeUeFnb454Qh6oKl0MXQFg3VJeQWlm6iHYVHldnV
XiA/Wclb8TScXdyIt9UAEQEAAYkCPAQYAQgAJhYhBDw5PegwSOPZ2kYkG3oZfk0e
V04LBQJo8mirAhsMBQkFpOtVAAoJEHoZfk0eV04LKPEP+wdLQ0UutBkt1tJO8nmW
G+toNaUB+QuXFKmN29ePwQ9i9gMNHx4fB7aoFKo4fmSTrRrDvc9Nop42mQbxfTMx
jEiwRgQZmMHU1eow35xWOaMJdbe5PIagNlfaw4JPgKiCf42js8uro2Evir5wW3Ps
Nb58Lj6g0i/jigIky8PsAysDNAOuiAijUcFpy/zMNDaFDvkPMQmJkLqVGbif2nj8
hVz0hHATaGT5/UlPXOXuV2Zf+ZIbm6nBS1a6PPWdt55SpaZIxND0jFplsab7tfWL
/aFpkNLcwc+F53vmjPAeZJihE1YGQhp7cIzijdziLVIA1rLlmVzNQHeb7X6rwQb3
CQ1CU/LG/QOdn1wWGtS9oBJlkdB/psONHF0q9aI5cjgwNqa3Oxk7QKGFnJx1GJHq
356N32ZrF+K+is/r5a0MkAlVYqqD1WUDmqgRhArGFN/cCOAbn6BaUn+myY4G+Lve
fhQdid5r0ZmAQpjc5q2t63Tqv9NStiYgKlxOGXwhS/6ZF8XFRSgSar9BrVkofjva
/kGHpoS7mrKb1cBqZdep9BDZgMmgQWmgZjv/UUDtGj8VNYgEN4hnF+s8YWeqICfd
gdMd+rdB0vERzAS7IIRut1WBl0Sxr4iJGC7qRy78fnpgraGbotOn4J+lxpExPDwU
a5MESDmEyEVMH99HxeZelaCN
=JcuD
—–END PGP PUBLIC KEY BLOCK—–