Compliance · Security
Security built for money.
Defense-in-depth across infrastructure, keys, and access — designed to protect customer funds and data.
Security at Stellus starts from the assumption that we're a target. We apply layered controls across our infrastructure, encrypt data in transit and at rest, enforce least-privilege access, and separate duties around any operation that touches funds or keys.
Our controls
- Encryption
Data encrypted in transit and at rest, with modern cipher suites and rotation.
- Access
Least-privilege, role-separated access with mandatory MFA and audited activity.
- Key management
Keys protected under HSM-backed controls with multi-party approval for sensitive operations.
- Monitoring
Continuous logging, anomaly detection, and incident response.
- Testing
Regular independent penetration testing and code review.
Read our security overview.