Security posture

Built to reduce
attack surface.

Zyphv is an intelligence platform for deal teams — not a generic file locker. Security choices are deliberate, documented, and customer-visible where it matters.

Upload policy

Why we accept only PDF, CSV, and TXT.

Office documents like Excel and Word are complex containers that can hide macros, external links, embedded objects, and attack payloads. That structural complexity creates an ever-shifting vulnerability surface we refuse to expose to customers.

Zyphv generates Excel pro formas, IC memos, and reference-call scripts for you — we just don't accept those formats from you. A deliberate security stance, not a product limitation.

Need to upload a spreadsheet or Word memo? Export to PDF (File → Save As → PDF) and upload that instead.

Other controls

Defense in depth, summarized.

Tenant isolation

Schema-per-tenant — no cross-tenant data access, enforced at the data-access layer.

Rate limits & quotas

Per-tenant upload rate limits and vault quotas bound disk pressure per customer.

Parser hardening

PDF page caps, magic-byte validation, and attachment rejection on ingest.

Injection defense

CSV formula-injection sanitization before anything is processed.

Cryptographic trust receipts ship on every completed report — see how verification works →

Enterprise security pack available on request. Last updated June 2026.

Start free