Trust

Security

Technical security controls for the Remvx platform - structured for MSP security reviews, enterprise questionnaires, and certificate authority verification.

Document revision
2026-06
Security contact
[email protected]
Full security pack
On request

Trust

Security controls

Remvx applies layered controls across the agent, control plane, and remote operations path. The table below summarizes published controls - detailed architecture diagrams and data-flow documentation are included in the evaluation security pack.

  • TLS 1.2+

    All control-plane and API traffic requires TLS 1.2 or higher. TLS 1.3 is preferred where supported by client and infrastructure endpoints.

  • Encrypted communication

    Session payloads and management channels are encrypted in transit. Remote support sessions use AES-256-GCM payload protection on top of the transport layer.

  • Audit logging

    Administrative actions, policy changes, enrollment events, and remote sessions generate attributable audit records scoped per tenant.

  • Role-based access control

    Permissions are assigned by role within each tenant. Technician, administrator, and read-only scopes are enforced at the console and API layer.

  • Session attribution

    Every remote session is bound to a technician identity, tenant context, target endpoint, and timestamp - exportable for client compliance review.

  • Device registration

    Endpoints enroll with a tenant-scoped credential issued during onboarding. Unregistered devices cannot establish a managed session.

  • Agent validation

    Agents authenticate to the relay using mutual TLS. Enrollment state and agent version are verified before operational commands are accepted.

  • Software signing

    Remvx software releases are digitally signed to verify publisher identity and binary integrity. See the Software Signing documentation.

Architecture

High-level data flow

Technician clients connect through the Remvx control plane to enrolled endpoints over mutually authenticated, encrypted channels. Tenant boundaries are enforced at enrollment, policy, and session layers.

Technician client mTLS - RBAC
TLS 1.2+
Remvx control plane Policy - Audit - Relay
mTLS tunnel
Enrolled endpoint Signed agent

Detailed topology diagrams and retention schedules are provided in the security pack during guided evaluation.

Contact

Company & security contact

For security questionnaires, whitepaper requests, or certificate authority review materials, contact our security team directly.

Publisher

Remvx LLC
1309 Coffeen Ave STE 19998
Sheridan, Wyoming 82801
United States

Security

[email protected]

General

[email protected]

Support

[email protected]

See also Security overview and Contact.

Request the full security pack

Architecture diagrams, data retention schedules, and questionnaire responses are shared during guided evaluation.

[email protected] Software Signing