Security

A comprehensive security approach

governence-risk-and-compliance-icon

Governance, Risk, and Compliance (GRC)

Our security team develops and enforces policies, procedures, and standards to align with industry best practices and regulatory requirements. GRC ensures compliance, manages security certifications, and mitigates risks. By collaborating with regulators and clients, we demonstrate and maintain Tarabut’s robust security posture through continuous training and awareness.
cloud-security-icon

Cloud Security

Our cloud security approach leverages industry-leading tools to secure our cloud infrastructure. By working alongside our engineering team, we integrate security tools that scan for vulnerabilities, enforce security protocols, and automate incident response to ensure a safe operating environment in the cloud.​
application-security-icon

Application Security

Our security team ensures that all software development pipelines adhere to stringent security standards. They proactively identify and address vulnerabilities during the development phase, ensuring that application threats are remediated before reaching production. Regular testing and guidance help to maintain secure and compliant application infrastructures.
security-operations-icon

Security Operations

We monitor all Tarabut systems and services around the clock, providing 24/7 security oversight to detect and respond to potential threats. In partnership with trusted security experts, our team ensures swift investigation and resolution of security incidents, maintaining the integrity of our operations.​
security-by-design-icon

Security by Design

Our Security by Design initiative ensures that security is embedded throughout every stage of product and project development. This approach enables Tarabut to build secure, scalable systems from the ground up, fostering a culture of security throughout our organisation and our systems.

Regulators

Sama logo

Central Bank of Saudi Arabia - SAMA

Tarabut is a permitted fintech, authorised by the Saudi Central Bank “SAMA” to operate in Saudi Arabia within the regulatory sandbox. We adhere to SAMA’s Cybersecurity Framework (CSF), which ensures comprehensive risk management and cybersecurity standards. This framework aligns with industry-leading practices like NIST and ISO, promoting strong resilience against cyber threats.  Licensed by Ministry of Commerce (No: 1010682909) and SAMA sandbox number: 44071433 
CBB logo

Central Bank of Bahrain - CBB

As a regulated entity under the Central Bank of Bahrain “CBB”, Tarabut complies with CBB’s regulations, including Volume 5 (Specialised Licensees), which governs capital requirements, risk management, and customer protection. These standards ensure financial integrity and operational security within Bahrain. Licensed by Ministry of Industry, Commerce & Tourism (No: 122765-1) and regulated by the Central Bank of Bahrain (No: ANC/024) 

Certifications

ISO-27001-2022-white

ISO 27001:2022 Certified for Information Security

Tarabut has been ISO 27001:2022 certified since March 2023, demonstrating our commitment to protecting sensitive data and maintaining robust information security protocols. This certification ensures we effectively manage risks, protect intellectual property, and safeguard customer data in line with industry-leading practices

 

Have any questions about security?

If you have any questions about the security measures and standards at Tarabut, please email  
 securityquestions@tarabut.com