Pulse
Call TrackingReal-Time BiddingRouting PlansIVR BuilderPay Per CallConversation AIAI Quality AnalysisPost-Call TranscriptionFraud IntelligenceAI Real-Time ReportsPayout ManagementClosed-Loop Attribution
Signal
Virtual NumbersNumber IntelligenceAI Predictive DialerCampaignsVisual IVRAI Voice AgentsRevenue BuilderWorkforce ManagementCommunication HubCall Management
Company
PricingBlogCase StudiesIntegrationsEventsAbout UsCareersContact
Sign in
Pulse — pulse.teldrip.comSignal — signal.teldrip.comPartner / Agency login
Try Pulse freeTry Signal freeTalk to sales
Trust & Security

Carrier-grade. Audit-ready.

Hardened infrastructure, documented controls and a security culture that treats compliance as table stakes — not a sales sticker. Here's the detail your security team will actually want.

Security posture

Documented controls, enterprise-ready.

Security documentation and controls for enterprise, healthcare, finance and legal procurement review.

HIPAA (coming soon)

HIPAA controls coming soon · BAA coming soon

GDPR & CCPA / CPRA

Data Processing Addendum · EU representative on record

STIR / SHAKEN

A-level attestation across our tier-1 US carrier mesh

TCPA-aligned

Built-in DNC scrubbing, consent capture and per-record audit trails

ISO 27001 (in progress)

Audit scheduled Q3 2026 · controls already mapped & in production

NANP-aligned

Direct interconnects with the three tier-1 US carriers
99.99%Platform uptime · Enterprise SLA
4×/yearExternal penetration tests
AES-256At-rest encryption · TLS 1.3 in transit
15 minP0 incident response · 24×7
Security controls

What we ship, by default.

Eight categories of controls, all enabled out of the box on every plan — no opt-in required.

Infrastructure security

Active-active across US-East and US-West regions on isolated VPCs. Tier-1 carrier interconnects with redundant fiber paths. 24×7 monitoring by our US-based SRE team.

Encryption

TLS 1.3 in transit (older TLS rejected). AES-256-GCM at rest. Per-tenant encryption keys available on Enterprise. Hardware-backed KMS with quarterly rotation.

Identity & access

SSO via SAML 2.0 and OIDC. SCIM provisioning. Role-based access with deny-by-default. Mandatory MFA for all internal Teldrip access — hardware keys for production.

Audit logging

Per-tenant immutable audit logs of every administrative, configuration and data-access event. Streamable to your SIEM in real time (Splunk, Datadog, Sumo, S3).

Data residency

Pin Customer Data storage to US-East, US-West or EU regions. Enforced at the storage layer with policy-as-code. Cross-region replication is opt-in only.

Network security

Web Application Firewall, DDoS mitigation and bot management at the edge. Outbound traffic egresses through a managed proxy. No inbound public ingress to data-plane services.

Vulnerability management

Quarterly penetration tests by an independent US-based firm. Continuous SAST and dependency scanning in CI. Patch SLA: P0 in 24 hours, P1 in 7 days.

Incident response

24×7 on-call rotation. 15-minute P0 acknowledgement SLA. Post-incident customer notification within 72 hours. Public status page at status.teldrip.com.

Personnel security

Background checks on all hires. Security training during onboarding and quarterly. Zero-trust access to production via short-lived credentials and session recording.

Penetration testing

Tested four times a year, by people we don't employ.

External penetration testing isn't a one-time sales artifact. We run it quarterly on a rotation across application, infrastructure and carrier-edge surfaces.

Q1 — Application security testing (OWASP Top 10, auth flows, IDOR)Q2 — Infrastructure & cloud configuration reviewQ3 — Voice-path & carrier-edge testing (SIP, RTP, SS7 boundary)Q4 — Red-team engagement with phishing simulationReports available under NDA on requestAll findings remediated within published SLAs
Responsible disclosure

Found something? Tell us.

We run a private bug-bounty program with a coordinated disclosure policy. If you believe you've found a security vulnerability in any Teldrip product or property, we'd like to know.

Email security@teldrip.com with a clear description, reproduction steps and your contact details. We'll acknowledge within one business day and update you on triage within five.

Report a vulnerability
PGP key fingerprint:4F22 8C19 7B33 A1E0 6D88 2C71 9A55 EFAA 8D44 1100In scope: *.teldrip.com, pulse.teldrip.com, signal.teldrip.com, api.teldrip.com, mobile apps.Out of scope: social engineering of employees, denial-of-service attacks, physical attacks on offices.Rewards: $250 to $15,000 USD depending on severity. Hall of fame for non-cash recognition.Safe harbor: Good-faith research per our published policy is exempt from CFAA / DMCA action.
Documentation

Procurement-ready docs.

Everything your security, legal and procurement teams will ask for — request via your account or by email.

HIPAA Business Associate Agreement (coming soon)Standard Data Processing Addendum (GDPR/UK GDPR)Standard Contractual Clauses (EU → US)Sub-processor list (updated within 30 days of changes)Network architecture overviewPenetration test executive summaryVendor questionnaire (CAIQ / SIG)
Request documentation

Want to go deeper?

Our security and compliance team is happy to walk through any control or the HIPAA roadmap (coming soon).

Try Pulse free Try Signal freeTalk to sales
7-day free trial on both products · No credit card · Cancel any time