Security Overview
Last updated: April 2026
Classification: NDA-scoped reviewer documentation
Security Model
- Production workloads are deployed in a split-stack Kubernetes model with dedicated edge and application services.
- The platform uses the Sentinel V2 auto-healing engine for proactive monitoring and automated infrastructure repair.
- Security controls prioritize least privilege, encrypted secret storage, and explicit operational runbooks.
- Test-only components are separated from production paths; for example, MailHog is internal-only and not public.
Secrets and Credentials
- Secrets are managed with encrypted workflows (SOPS + age) and Kubernetes Secrets for runtime delivery.
- Field-level encryption for sensitive PII is supported through a dedicated, isolated Secrets API, ensuring separation of concerns between data storage and cryptographic keys.
- Plaintext credentials are not committed to source control.
- Secret rotation is supported through operational tooling and scheduled synchronization jobs.
Access Controls
- Administrative and internal service access is restricted by role and deployment context.
- Data-plane security is enforced through Schema Guards (Schema-on-Ingest) and Privacy Guards (Automated PII Masking) integrated into the service SDK.
- Authentication and authorization controls are enforced in application services and API layers.
- Internal operational documentation is access-controlled and not publicly exposed.
Network and Platform Protections
- TLS is used for public edge traffic and for service-to-service communication where applicable.
- Encryption in transit is enforced for public-facing traffic; encryption-at-rest controls are provided by managed infrastructure layers.
- Kubernetes manifests and infrastructure mappings are version-controlled for auditable change history.
- Deployment workflows separate image build and deployment actions to reduce accidental release risk.
Vulnerability and Operational Maintenance
- Security and operational issues are handled through runbooks, checklists, and incident documentation.
- Dependency and infrastructure updates are performed regularly to reduce known vulnerability exposure.
- Infrastructure and service updates are performed through controlled deployment workflows.
- Customer-specific security questionnaires can be supported as part of vendor onboarding.