Zen Mesh Trust
Zen Mesh helps teams generate, organize, retain, and export operational evidence for webhook delivery and event processing. This evidence can support your compliance programs — but Zen Mesh does not certify customer compliance, and is not itself certified against any framework.
Trust Areas
| Area | Description |
|---|---|
| Compliance Coverage | How Zen Mesh maps product evidence to common compliance frameworks |
| Evidence | Validation evidence, runtime evidence, export, and retention |
| Security | Security controls, mTLS, HMAC, tenant isolation, cryptographic enrollment |
| Support | Support channels, SLAs, and response expectations |
| Data Handling | Event data, retention, and processing boundaries — documentation in development |
| Subprocessors | Third-party services used in the platform — documentation in development |
| Legal | Terms of service, privacy policy — documentation in development |
What Zen Mesh Trust Is
- A public umbrella for transparency around security, compliance, evidence, and operations.
- A framework for helping customers map operational evidence to their compliance programs.
- A technical hardening initiative (CIS Benchmark alignment) where evidence exists.
What Zen Mesh Trust Is Not
- SOC 2, ISO 27001, PCI DSS, HIPAA, FedRAMP, or any formal certification.
- A compliance determination for your use of Zen Mesh.
- A replacement for your own auditor, compliance team, or legal review.
How to Use This Section
- Security / compliance reviewers — start with Compliance Coverage.
- Operational evidence reviewers — start with Evidence then Security.
- Procurement / legal reviewers — review Evidence export and retention; Data Handling, Subprocessors, and Legal documentation are in development.
Related
- Security Controls — detailed security capabilities
- Evidence Overview — full evidence index
- Current Status — plan readiness and known gaps