Security

Security is part of the product design, not an add-on. Blueprint AI is built read-only, least-privilege, and audit-first.

Architecture

• Read-only inspection. The platform never holds write credentials to your SAP or Dynamics 365 tenants. Every connector is scoped to the minimum read roles needed to compute findings.
• Tenant isolation. Customer data is segregated at the row and request level and protected by Row-Level Security policies enforced server-side.
• Encrypted in transit and at rest. All traffic is TLS 1.2+. Stored data and backups are encrypted at rest.

Authentication & access

• Email + password with strong password policy and HIBP screening.
• Optional SSO (Google) for customer organizations.
• Role separation between regular users and administrators.
• Audit log of sign-ins, scans, and configuration changes.

Operations

• Production change control with reviewed pull requests.
• Continuous dependency vulnerability scanning.
• Runtime error monitoring with alerting.
• Documented incident response with customer notification targets.

Data handling

See the Privacy Notice for what we collect, how long we keep it, and your rights. Configuration snapshots are never used to train third-party AI models.

Reporting a vulnerability

If you believe you have found a security issue, please email info@sapnity.com with a description and reproduction steps. We acknowledge reports within two business days. Please give us reasonable time to remediate before public disclosure.