Access control
Role-based access, least-privilege administration, secure session handling, and audit trails for sensitive actions.
Trust Center
Security and transparency for serious teams
Shomar is built to help engineering and compliance teams scan code, manage evidence, and make security decisions with clear controls around customer data.
Data protection
Encryption in transit, restricted production access, customer data minimisation, and retention practices aligned with customer agreements.
Secure development
Code review, dependency monitoring, vulnerability triage, and security checks across application and infrastructure changes.
Operational response
Incident intake, severity classification, containment workflows, customer notification planning, and post-incident review.
Compliance coverage
The platform maps findings and evidence to regional privacy obligations and common application security standards. Formal certifications are tracked as part of the enterprise roadmap.
POPIANigeria NDPRKenya DPAOWASP Top 10ISO 27001 roadmapSOC 2 roadmap
Data handling
Customer repositories, scan findings, compliance evidence, and integration metadata are processed to deliver the product, support customers, protect the service, and meet legal obligations. Customers can request data export or deletion through support.
Security contact
For security reviews, responsible disclosure, data processing requests, or procurement questionnaires, email security@shomarsec.com.