Security
Keeping your data secure is our highest priority. We follow best practices across infrastructure, application, and operational security to safeguard your data and your trust.
Data Encryption
All data is encrypted in transit using TLS 1.2+ and at rest using AES-256. We use managed key services to ensure strict control and logging around data encryption keys.
Authentication & Access Control
SecureBot supports multi-factor authentication and single sign-on. Access is governed by role-based controls and the principle of least privilege. Administrative actions are logged and monitored.
Infrastructure Security
Our platform is hosted on Azure. We leverage VPCs, firewalls, and automated patch management to ensure our infrastructure is secure and resilient.
Application Security
All code undergoes peer review and static analysis. We follow secure development practices and implement protections against XSS, CSRF, and injection attacks.
Compliance & Privacy
We comply with GDPR and are actively working toward SOC 2 Type II certification. Customers can request a DPA or export/delete their data as needed. See our Privacy Policy for more information.
Incident Response
We monitor our systems 24/7. In the event of a security incident, our team follows a documented incident response plan and will notify affected customers promptly.
Responsible Disclosure
We encourage responsible disclosure of security vulnerabilities. If you believe you've found a security issue, please contact us at security@securebot.io.