Security at Overpath

Last Updated: 25/12/2025


At Overpath, the security of your data is our highest priority. We have built our platform with a "Security-First" architecture, ensuring that protection is baked into every layer of our technology stack, from code to cloud.

1. Cloud Infrastructure & Resilience

Overpath is powered by Amazon Web Services (AWS), leveraging the same world-class security infrastructure used by the world’s leading financial institutions.

  • Data Residency: Our primary production environment is hosted in the AWS Ireland (eu-west-1) region to ensure high availability and compliance with EU data residency preferences.

  • Network Isolation: We utilize Virtual Private Clouds (VPC) with strict Security Group configurations to isolate our production environment from the public internet.

  • Inherited Compliance: By using AWS, we inherit a foundation that is certified for ISO 27001, SOC 2 Type II, and PCI DSS Level 1.

2. Data Protection

We ensure your data is protected both when it is sitting in our databases and while it is traveling to your screen.

  • Encryption at Rest: All customer data stored in our databases and storage volumes is encrypted using AES-256.

  • Encryption in Transit: All data sent between Overpath and our users is encrypted using TLS 1.2 or higher. We enforce HTTPS for all web traffic.

  • Key Management: We utilize AWS KMS (Key Management Service) for secure, hardware-backed encryption key management.

3. Application Security

  • Secure Development: Our engineering team follows secure coding practices. We utilize automated dependency scanning to identify and remediate vulnerabilities before they reach production.

  • Access Control: We enforce the Principle of Least Privilege. Access to production systems is strictly limited to authorized engineering personnel and requires Multi-Factor Authentication (MFA).

  • Identity Management: We support modern authentication standards to ensure secure user access to the platform.

4. Security Measures

Taking into account the state of the art and the nature of the processing, Overpath shall implement appropriate technical and organizational measures to ensure a level of security appropriate to the risk, including:

  • Encryption: Data at rest (AES-256) and data in transit (TLS 1.2+).

  • Access Control: Multi-Factor Authentication (MFA) and Least Privilege access models.

  • Resilience: Regular backups and disaster recovery protocols via AWS infrastructure.

5. Organizational Security

  • Employee Training: 100% of Overpath employees undergo mandatory security awareness training upon hire and annually thereafter.

  • Confidentiality: All staff and contractors sign comprehensive Non-Disclosure Agreements (NDAs) before gaining access to any internal systems.

  • Compliance Roadmap: Overpath is currently aligning its internal Information Security Management System (ISMS) with the ISO 27001 and SOC 2 frameworks as part of our 2026 compliance roadmap.

6. Privacy & GDPR

Overpath is fully committed to GDPR compliance. We act as a Data Processor for our clients and maintain a robust Data Processing Agreement (DPA) and a transparent Sub-processor List.

Definitions and legal reference

Overpath (or this Application)

The property that enables the provision of the Service.

© 2026 Overpath Ltd. All Rights Reserved.

© 2026 Overpath AI. All rights reserved.
