Platform · Architecture & Security
Architecture and security for event-contract infrastructure.
The platform deploys in the topologies institutional buyers actually procure, managed, hybrid, and on-prem, with the operational posture security and risk teams expect from a regulated venue.
Deployment
Managed, hybrid, or on-prem.
The platform is delivered in three deployment shapes. Managed cloud is the fastest path to production. Hybrid splits the operator's control plane and member-firm connectivity from the trading core. On-prem is supported for operators whose jurisdictional or member-firm constraints require it.
Managed cloud
Operated by Vinfotech across major cloud providers with operator-controlled keys.
Hybrid
Split topology with operator-controlled connectivity and managed core.
On-prem
Full on-prem deployment supported for jurisdiction-constrained operators.
Multi-region
Geographic redundancy and DR sites configurable per operator.
High availability & DR
Designed for trading-venue uptime expectations.
Active-active for stateless services, active-passive with deterministic failover for the matching core. Disaster recovery is exercised on a defined cadence with documented RPO and RTO targets. Recovery procedures are operator- runnable.
Deterministic failover
Matching-core failover preserves the deterministic event log.
Documented RPO / RTO
Recovery targets contracted per deployment model.
Exercise cadence
Regular DR exercises with operator participation and documentation.
Runnable recovery procedures
Operator-runnable procedures with reference command-set.
Security posture
SOC 2 alignment, access controls, secrets, audit.
The platform is engineered to SOC 2 alignment, with the control families institutional buyers diligence against. Access is role-based and least-privilege, with break-glass paths fully audited. Secrets are managed with hardware-backed key storage and rotation policies.
SOC 2 alignment
Controls maintained across security, availability, confidentiality.
RBAC & least privilege
Role-based access, break-glass paths, full audit on privileged actions.
Secrets management
Hardware-backed key storage and documented rotation policies.
Audit logging
Every operator action is logged to the immutable audit trail.
Incident response
Defined response, defined communications.
Incident response is documented and exercised. Severity classification, on-call rotation, operator communication cadence, and member-facing communications are all pre-defined. Post-incident review feeds into platform hardening on a transparent schedule.
Severity classification
Documented categories with operator-visible response posture.
Communication cadence
Defined operator and member communications during incidents.
Post-incident review
Structured PIRs shared with operator security and risk teams.
Vulnerability management
Coordinated disclosure programme and scheduled remediation.
Continue reading
Related
Run a security and architecture review.
We are happy to walk through control mappings, deployment topology, and DR posture with your security and infrastructure teams.