Security
Security, privacy, and verification at the platform core
We operate with a trust-first security model so hiring activity remains reliable and accountable.
Security overview
A layered protection model
Multiple independent controls secure identity, data, and platform trust states.
Encryption practices
TLS 1.3 in transit, AES-256 encryption at rest, and strict secret management.
Authentication protection
MFA-ready login flows, device/session controls, and anomaly detection.
Identity verification
Document checks, biometric checks, and ongoing integrity validation.
Abuse detection
Behavioral risk scoring and policy enforcement prevent spam and impersonation.
Security architecture
How data and trust states move through the system
Validation, risk scoring, storage, and response are separated by design.
Layer 1 · Intake
Identity checks and role metadata are validated before any trust score is surfaced.
Layer 2 · Scoring
Signals are normalized into trust graphs and continuously refreshed to prevent drift.
Layer 3 · Response
Alerts, escalation playbooks, and audit trails activate when risk thresholds are crossed.
Encrypted storage and transport
Hardened secrets and access control
Continuous abuse monitoring
Incident response
Clear and practiced playbooks
We follow documented escalation steps for containment and transparent communication.
Detection
Signals are monitored continuously with automated and manual review triggers.
Containment
Suspicious sessions are revoked, roles locked, and access isolated.
Recovery
Investigation, user communication, and documented remediations complete the cycle.
Responsible disclosure
We welcome security researchers
Coordinated disclosure is preferred. Report issues at security@vervi.in.
If you discover a security issue, email security@vervi.in with reproducible steps.
We provide acknowledgement within 48 hours and work with the reporter through verification and remediation.
Contact security channel