Security

Security that fights back.

Most systems just lock the door. SIMEZU also wastes an attacker's time and records every move in a log you can verify end to end.

RS256
Signed tokens with JWKS rotation
85+
Tables of audited, sovereign data
GDPR
European compliance by design
Deception-first defense

Make intrusion expensive.

Honeypots and canaries

Trap endpoints and canary tokens that only an intruder would ever touch.

Progressive tarpit

Suspicious clients slow down tier by tier: jitter, then delay, then a block.

Anomaly detection

Probe patterns, swarms and permission velocity, flagged in real time.

MFA and lockout

TOTP, rate limits and account lockout protect every sign-in path.

Access control

You decide who gets in, and who never does.

Allowlist trusted users and IPs, blocklist bad actors, and enforce policy per environment. A ban cascades across every connected app and group, so it sticks everywhere at once.

Allowlisting

Restrict an environment to named users, teams or verified email domains.

Blocklisting

Block users and IPs outright; every sign-in attempt is refused immediately.

Ban cascade

A ban propagates to every connected app, app-group and platform group at once.

Per-environment policy

Forced login, access restriction and SSO scope, set independently per surface.

Sign-in hardening

Every door is locked, watched and rate-limited.

MFA (TOTP)

Authenticator-app two-factor, enforceable for admin and high-risk roles.

Rate limiting

Per-IP and per-account throttling stops credential stuffing at the edge.

Account lockout

Repeated failures lock the account and notify the owner by email.

RS256 + JWKS

Asymmetric token signing with rotating public keys you verify locally.

Tamper-evident

An audit log you can prove.

Every action is HMAC-chained to the one before it. Change a single record and the chain breaks, so you always know the log is intact.

Verifiable chain integrity on demand
European hosting, so your data stays in the EU
Right to access and erasure built in
audit.log
# each entry signed with the previous hash
login.success   user=4f9a  prev=0a3c…
token.issue     actor=user  prev=8b21…
scope.grant     app=simuze  prev=c47e…
chain verified ✓ 0 breaks
People working securely on their laptops

Built to be trusted.

European infrastructure. GDPR by design. Your data stays yours.