Overview
We take the security of customer data seriously. This page outlines our intended security practices and will be finalized with our security and legal teams before launch. It does not yet constitute a binding security commitment.
Infrastructure security
Our services run on reputable cloud infrastructure with physical and network protections managed by the provider. [Name the providers and regions, and describe environment isolation.]
Encryption
We aim to encrypt data in transit using TLS and data at rest using industry-standard algorithms. [Confirm exact protocols, key management, and rotation policy.]
Access control
Access to production systems is restricted on a least-privilege basis and protected with strong authentication. [Document SSO, MFA, and the access-review cadence.]
Monitoring and incident response
We log and monitor systems for anomalous activity and maintain an incident-response process. [Define detection tooling, on-call coverage, and customer-notification timelines.]
Compliance
We intend to align our controls with recognized industry frameworks. [List target certifications or attestations only once they have been independently verified — do not publish claims for certifications that have not been completed.]
Responsible disclosure
We welcome reports from security researchers. If you believe you have found a vulnerability, please contact us at hello@skynet.io so we can investigate. [Publish the formal policy, scope, and safe-harbor terms.]
Contact
For security questions, reach our team at hello@skynet.io.