Security at Sectora
As a security company, we take the protection of your data seriously. We implement industry best practices and undergo regular security assessments to ensure your information is safe.
How We Protect Your Data
Security is built into every layer of our platform
Encryption in Transit
All data is encrypted using TLS 1.3. We enforce HTTPS across all endpoints with HSTS preloading.
Encryption at Rest
Data at rest is encrypted using AES-256. Sensitive fields use additional application-layer encryption.
Passwordless Authentication
We use magic links and passkeys for authentication. No passwords means no password breaches.
Multi-Factor Authentication
Optional TOTP-based MFA for additional account security. WebAuthn/passkey support for phishing-resistant auth.
Role-Based Access Control
Granular permissions control who can access what. Audit logs track all access and changes.
Secure Infrastructure
Hosted on Vercel and Fly.io with automatic security updates. Regular penetration testing and security audits.
Security Practices
We follow industry best practices and continuously improve our security posture. Our team includes security professionals who understand the threats your applications face.
All code changes require peer review
Automated security scanning in CI/CD pipeline
Regular dependency updates and vulnerability patching
Incident response plan with 24-hour SLA
Annual third-party security audits
Employee security training and background checks
Bug bounty program for responsible disclosure
SOC 2 Type II certification (in progress)
Security Questions?
If you have security concerns or want to report a vulnerability, please contact our security team.
security@sectora.io