Malbek CLM Security & Compliance

At Malbek, trust is at the core of everything we do and who we are. That’s why you will find it in every conversation with our team and baked into our products. We’re committed to protecting your data, ensuring privacy, and maintaining the highest security standards across our platform.

Malbek’s industry-leading security, compliance, and reliability

We prioritize data protection, regulatory compliance, and platform resilience to help you manage enterprise contracts with confidence. If you are in a highly regulated industry, your data is in safe hands: Malbek’s robust security framework is second to none, so you can focus on achieving what you want without worrying about whether your data is secure.

Data Protection & Security Features

Zero Trust Security Approach
End-to-end encryption (AES-256)
Role-based access controls (RBAC) and field-level permissions
Single Sign-On (SSO) & Multi-Factor Authentication (MFA)
Data residency options
Continuous monitoring & threat detection

Infrastructure, Compliance, and Certifications

Malbek is SOC 2 Type II and SOC 1 Type II certified, ensuring the highest standards of security and compliance. Our platform is hosted on AWS’s secure cloud infrastructure, which is certified for ISO 9001, ISO 27001, ISO 27017, ISO 27018, PCI DSS Level 1, and SOC 1, SOC 2, and SOC 3. Malbek is fully compliant with GDPR, CCPA, HIPAA, CFR 21 Part 11, GxP, and more.

Commitment to Privacy

Transparency about how we collect and use data
Giving you control over your information
Collecting only the data necessary to provide our services
Never selling your personal information to third parties

Security & Compliance FAQs

How does Malbek ensure the security and privacy of AI-driven contracts?
Malbek integrates artificial intelligence (AI) throughout the digital contracting workflow to enhance automation and streamline contract management. Security and data privacy are at the core of our AI approach. When leveraging external large language model (LLM) APIs, Malbek strictly adheres to the terms of service of each provider and only engages with vendors that uphold our rigorous data protection standards. This means that client inputs, outputs, embeddings, and training data are never shared with customers, are never accessible to the LLM vendor, are never used to improve LLM models or train future AI models, and are never utilized to enhance third-party products or services. At Malbek, your data remains your data. We extend the same stringent data protection commitments to our customers that we require from all our partners, subcontractors, and sub-processors.
Do you have APIs?
Yes, our REST API framework allows customers to integrate with other solutions where we don’t have productized connectors yet. This solution offers the extensibility and security that organizations expect in enterprise-grade Software as a Service (SaaS) solutions, while reaping the benefits of lower operating costs, improved governance, and policy-based controls.
What is your disaster recovery plan?
In the event of a disaster which interferes with Malbek’s ability to conduct business from one of its offices, this plan is to be used by the responsible individuals to coordinate the business recovery of their respective areas and/or departments. The plan is designed to contain, or provide reference to, all of the information that might be needed at the time of a business recovery. The objective of the Business Continuity Plan is to coordinate recovery of critical business functions in managing and supporting the business recovery in the event of a facilities (office building) disruption or disaster. This can include short or long-term disasters or other disruptions, such as fires, floods, earthquakes, explosions, terrorism, tornadoes, extended power interruptions, hazardous chemical spills, and other natural or man-made disasters. A full copy of the disaster recovery policy is available under NDA.
How do you handle enhancements or releases?
Malbek follows a structured release process to ensure stability, security, and continuous improvement of our platform. Production releases fall into two categories: feature releases and hotfix releases. Feature releases follow a regular cadence, currently occurring monthly but transitioning to a quarterly schedule as Malbek continues to grow. These releases introduce new features, enhancements, and optimizations. Hotfix releases, on the other hand, are deployed as needed to address security vulnerabilities or urgent issues that could impact customer operations. Before any release is deployed to production, it must be certified by Malbek’s QA team to ensure quality and reliability. Additionally, all production releases require an Azure DevOps ticket, which must be opened by a member of the management team to maintain oversight and governance. To keep customers informed, feature release notes are proactively communicated and documented in Zendesk, providing full transparency into new capabilities and improvements.
How does Malbek ensure operational security?
At Malbek, operational security is a top priority. We implement strict access controls, continuous monitoring, and proactive threat response to safeguard customer data. Our team members undergo comprehensive background checks, receive regular security awareness training, and have role-based access controls to limit data exposure. Our dedicated security team monitors systems 24/7, ensuring rapid detection and response to potential threats. In the event of an incident, we follow a structured response plan, prioritizing transparency and continuous improvement. By combining proactive security measures with industry best practices, Malbek ensures your contracts remain safe and protected.
Does Malbek undergo third-party audits?
Yes, Malbek conducts regular third-party security audits and penetration testing to ensure our platform remains secure against evolving threats. Our infrastructure is built on enterprise-grade cloud platforms with multiple layers of security controls, including industry-leading encryption standards, continuous monitoring, and rigorous compliance assessments. Independent auditors evaluate our security posture, and we proactively address any findings to strengthen our defenses. These ongoing efforts ensure that Malbek meets the highest standards of security and reliability for our customers.
What are your standard policies on ethics?
Malbek is committed to maintaining the highest ethical standards in everything we do. Our policies include anti-slavery, anti-bribery, anti-discrimination, and sustainability to ensure responsible business practices. We strictly prohibit forced labor and corruption, promote fair and inclusive workplaces, and prioritize sustainability in our operations. These principles guide our decisions and reflect our commitment to integrity, accountability, and social responsibility.

The art of the possible

Explore our modules

Malbek CLM

Unite the enterprise and accelerate contracting velocity with Malbek’s AI-charged CLM solution.

Malbek Klix

Meet the modern clickwrap solution that simplifies online agreements for everyone.

Malbek AI

Access contract data with contextual insights and recommendations to improve overall business outcomes.

Malbek Marketplace

Set up integrations with a no-code, drag-and-drop interface for seamless connectivity to other business applications.
