Security
How we protect your data and infrastructure
Data Encryption
- All data in transit is encrypted via TLS 1.3 (HTTPS)
- Passwords are hashed using bcrypt with salt rounds
- Database connections use encrypted channels
- GitHub tokens are stored with application-level encryption
Code Handling
- Repository clones are temporary — deleted immediately after scanning
- We never store your full source code on our servers
- Only scan findings (metadata) are persisted
- Manual paste inputs are truncated to 5KB for history reference
Infrastructure Security
- Hosted on AWS with security groups and VPC isolation
- Regular security patches and OS updates
- Application runs as non-root user inside containers
- Docker images built from minimal base (python:3.12-slim)
- No unnecessary ports exposed
Access Control
- Session-based authentication with secure cookies
- Password reset tokens expire after 1 hour
- Admin access restricted to designated email only
- Rate limiting on authentication endpoints
Vulnerability Reporting
If you discover a security vulnerability in our platform, please report it responsibly:
deploypilotai@gmail.com — Subject: "Security Vulnerability Report"
We aim to acknowledge reports within 24 hours and resolve critical issues within 72 hours.