Security

How we protect your data and infrastructure

Data Encryption

  • All data in transit is encrypted via TLS 1.3 (HTTPS)
  • Passwords are hashed using bcrypt with salt rounds
  • Database connections use encrypted channels
  • GitHub tokens are stored with application-level encryption

Code Handling

  • Repository clones are temporary — deleted immediately after scanning
  • We never store your full source code on our servers
  • Only scan findings (metadata) are persisted
  • Manual paste inputs are truncated to 5KB for history reference

Infrastructure Security

  • Hosted on AWS with security groups and VPC isolation
  • Regular security patches and OS updates
  • Application runs as non-root user inside containers
  • Docker images built from minimal base (python:3.12-slim)
  • No unnecessary ports exposed

Access Control

  • Session-based authentication with secure cookies
  • Password reset tokens expire after 1 hour
  • Admin access restricted to designated email only
  • Rate limiting on authentication endpoints

Vulnerability Reporting

If you discover a security vulnerability in our platform, please report it responsibly:

deploypilotai@gmail.com — Subject: "Security Vulnerability Report"

We aim to acknowledge reports within 24 hours and resolve critical issues within 72 hours.