Security & Privacy

End‑to‑End Encryption

Protect data at rest and in transit with modern ciphers, strong key management, and zero‑knowledge controls—built for regulated enterprises and zero‑trust architectures.

Automatic Scanning on Upload & Ingest

Automatic Scanning on Upload & Ingest

All externally added files are scanned automatically on upload or ingest before any processing occurs.

Quarantine & Safe Access

Quarantine & Safe Access

Auto‑quarantine suspicious items, block distribution, and enable controlled review.

Detailed Threat Reports

Detailed Threat Reports

Clear verdicts, indicators of compromise, and timestamps to support investigations.

How It Works

Ingest & Identify

Encrypt During Transcoding

Data is chunked and encrypted client‑side or at the edge using envelope encryption.

Scan & Decide

Key Protection

Ciphertexts and keys are segregated; keys remain in KMS/HSM with strict IAM policies.

Notify & Review

Access & Verify

Just‑in‑time decryption, per‑request key grants, and integrity checks on retrieval.

Key Capabilities

Multi‐Engine Scanning

Encrypted Playback HLS

Optional client‑side encryption with customer‑managed keys (CMK) for zero‑knowledge control.

Quarantine Workflow

Bring Your Own Keys (BYOK)

Integrations with AWS KMS, Azure Key Vault, and on‑prem HSMs for per‑tenant isolation.

Hash Allow Block Lists

Granular Policy

Attribute‑ and role‑based access with decrypt scopes, expiry, and revocation workflows.

Threat Alerts & Webhooks

Crypto Agility

Pluggable ciphers and rotation plans to migrate algorithms without downtime.

Frequently Asked Questions

How does VIDIZMO encrypt my media?

VIDIZMO encrypts media during transcoding using AES-128 and applies a second AES-128 key to encrypt the primary key for additional security. Encrypted HLS renditions and supported metadata files are then stored securely.

 

Are all media files encrypted at rest?

By default, only HLS renditions are encrypted at rest. If additional non-HLS encoding profiles are enabled, those renditions are not encrypted at rest. Metadata files like captions and KLV are also encrypted.

 

Does encrypted content support offline playback?

No. Offline playback is not supported for encrypted content due to real-time decryption requirements during HLS playback.

 
Can I download encrypted content?

Yes. Users can request the original file or an MP4 rendition. Downloads are delivered as decrypted files for authorized users.

 
What happens if I disable encryption later?

Previously encrypted media remains encrypted permanently. Disabling encryption only affects new uploads.

 

Enterprise‑grade encryption, simplified

Deploy quickly with secure defaults, then fine‑tune key policies and access controls to your needs.

 
back to top