Security

This is a placeholder draft of our Security statement, provided while the final version is prepared. To report a security concern, email securityteams@ensosolutions.com.

Security is the core of what we do. PulseState exists to help organisations continuously prove their defences work — and we hold ourselves to the same standard. This page summarises how Enso Solutions protects the PulseState service and website.

Our approach

• Continuous validation. The PulseState platform is built on Pentera's automated security validation technology, safely and continuously testing for exploitable weaknesses.
• Defence in depth. We apply appropriate technical, physical and organisational controls in line with Article 32 of the GDPR.
• Trusted infrastructure. Our cloud providers maintain recognised certifications such as ISO 27001 and PCI DSS.
• Least privilege & training. Access to data is restricted on a need-to-know basis, and our people are trained in secure, confidential handling of information.

Website & data

The PulseState website is served over HTTPS. Enquiry form submissions are transmitted securely and delivered to Enso; we never sell or share your details. See our Privacy Policy for how we handle personal data.

Responsible disclosure

If you believe you have found a security vulnerability in the PulseState website or service, we want to hear from you. Please email securityteams@ensosolutions.com with enough detail to reproduce the issue. We ask that you give us a reasonable opportunity to investigate and remediate before any public disclosure, and that you do not access or modify data beyond what is necessary to demonstrate the issue. We will acknowledge legitimate reports and keep you updated on our progress.

Contact

Security team: securityteams@ensosolutions.com
Enso Solutions Limited, 7 Castle Street, St Helier, Jersey, JE2 3BT