FAQ
Answers for high-assurance teams
If you don’t see what you’re after, reach out—our security and product teams are happy to dig in.
Who can decrypt Torvus vault contents?
Only policy-compliant recipients with valid approvals. Operators and Torvus staff never receive plaintext—keys remain sealed inside customer-controlled policies, HSM shares, and attested TEEs until release conditions are satisfied.
How does Torvus verify duress triggers?
Duress triggers can come from dedicated hardware buttons, passphrase entry, or detection heuristics. Each trigger is authenticated with the operator’s keys and recorded in an immutable log so responders can prove when a pause occurred.
What happens if a policy misfires?
Policy dry-runs show which predicates pass or fail before activation. Runtime guardrails permit emergency pause, while audit trails expose the exact signals that influenced a release so teams can adjust policies quickly.
Can Torvus integrate with our compliance tooling?
Yes. Audit logs and provenance receipts are available via streaming APIs and scheduled exports. Governance teams can feed Torvus evidence into GRC, SIEM, or digital forensics pipelines.
Where is customer data stored?
Primary regions are Australia and the EU with customer-controlled residency controls. Sensitive workloads can run in dedicated environments with attestation packages tied to each release.
How can we join the private beta?
Sign up for updates and share operational context. We’ll align you with a cohort that matches your controls, data sensitivity, and oversight requirements.