Security & Trust
Security is the foundation of the BeX Enterprise AI platform, not a feature bolted on afterwards. CoolRIOTS builds for the highest-stakes security reviews in regulated industries — governance, auditability, and data residency are designed in from day one. This page summarises our posture; deeper documentation and current audit reports are available under NDA.
Compliance status
Current status:
| Framework | Status |
|---|---|
| ISO/IEC 27001:2022 | Certified · 7 July 2026 (cert. no. SCC/INT/2607CT/30109, QFS Management Systems LLP) |
| SOC 2 Type II | In progress · targeted 2026 |
| GDPR | Compliance in progress |
| PDPA (Singapore / Malaysia) | Compliant |
Certification status is updated here as milestones are reached. For the current status letter or auditor details, contact [email protected].
Architecture & data handling
The BeX platform is engineered so that sensitive data stays under your control:
- Data residency. Your data stays in your environment. BeX deploys to public cloud, private cloud, on-premise, and edge under the Universal Deployment Architecture.
- Air-gap capable. Fully on-premise, zero-external-egress deployments are supported for the most sensitive environments.
- Zero-trust architecture. Identity-first access on every service boundary.
- Role-based access control. RBAC governs every agent action.
- Immutable audit trail. Every agent decision is logged and reviewable.
- Human-in-the-loop. Governance guardrails and approvals where they matter, automated everywhere else.
This website
coolriots.com is a static site served from Cloudflare's global edge. It enforces HTTPS with HSTS, a strict Content-Security-Policy, and standard hardening headers (X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy). The contact form is protected by Cloudflare Turnstile and verified server-side. The site is additionally protected by Cloudflare's WAF and bot mitigation. See our Privacy Policy for how form and analytics data is handled.
Responsible disclosure
We welcome reports from the security community. If you believe you have found a vulnerability, please email [email protected] with details and steps to reproduce. Please give us reasonable time to remediate before any public disclosure. We will acknowledge your report and keep you informed of our progress.
Contact
Security & trust enquiries: [email protected]
CoolRIOTS Pte Ltd · 9 North Buona Vista Drive #02-01, Singapore 138588
