Trust Center

What happens to your data.

The full path of an uploaded scan, from TLS handshake to encrypted storage to deletion. Every step documented. No black boxes.

Read security policy security@cveriskpilot.com

From upload to storage, in six steps

Step 01
File received over TLS
Your file is transmitted over HTTPS/TLS 1.3. It never travels over an unencrypted connection. Same-origin enforcement blocks cross-site forgery.
Step 02
Format validated — malicious content rejected
File size, extension, and content type are checked before any parsing begins. Files over 50 MB or with unsupported formats are rejected immediately with no storage.
Step 03
Content parsed in-process — not forwarded to AI
Parsers extract vulnerability records (CVE IDs, CVSS scores, package names) using our own parser chain. Your raw file content is not sent to any AI model or third-party service.
Step 04
Normalized findings stored org-scoped
Extracted findings are written to your organization's isolated data partition in a dedicated PostgreSQL database. No other tenant can read, query, or enumerate your findings.
Step 05
Raw artifact stored encrypted
The original file is stored in encrypted cloud storage, protected at rest with AES-256-GCM. Default retention is 180 days. Configurable per organization.
Step 06
Deleted on demand or at retention cutoff
Delete any upload from the Uploads page. All associated findings are cascade-deleted. Your retention policy runs automatically and purges raw content at the configured cutoff.

What we promise

Uploaded scan files are not model training data

Scan files you upload are parsed to extract vulnerability records. They are not silently repurposed as cross-tenant model training data.

Strict tenant isolation

Every database query, API response, and file operation is scoped to your organization ID — derived from your authenticated server session, never from client-supplied input.

Configurable retention, not indefinite

Default raw artifact retention is 180 days. Workflow records are kept 2 years for audit continuity. Audit logs are kept 7 years. All windows are configurable by org admins.

Self-service deletion

Delete individual uploads from the Uploads page. Request full account and data deletion from your Profile. Deletion requests processed within 30 days.

Your data is exportable

Download a full export of your data at any time. CSV and PDF export available for findings, cases, audit logs, and compliance reports. No lock-in, no data hostage.

Operator access is restricted and audited

Sensitive operator access to customer data is restricted to platform-owner admins. Sensitive operator reads and writes are logged to a tamper-evident audit trail, and signed entries can be exported for independent verification.

Technical safeguards

TransportTLS 1.3 enforced on all connections

Storage encryptionAES-256-GCM at rest for all stored artifacts and database records

AuthenticationHttpOnly cookies, bcrypt password hashing, TOTP MFA, backup codes, Google OAuth, GitHub OAuth, Microsoft OAuth, WorkOS SSO, passkeys/WebAuthn

SessionsServer-side sessions, org-scoped RBAC (11 roles, 26 permissions), revocation endpoint

Tenant isolationorganizationId derived from authenticated session — never from request body or URL params

Input validationAll uploads validated (size, type, extension, magic bytes) before any processing

API securitySame-origin enforcement on mutating routes, CSRF protection, rate limiting

InfrastructureSOC 2-readiness posture (not yet attested); Cloud KMS-backed Ed25519 signing keys in production environments

Audit trailEd25519 signatures + Merkle tree integrity (Vault Protocol), tamper-evident hash chain (beta — under review)

ComplianceSOC 2 readiness, 13 framework mapping, evidence collection system, POAM generation

Program memberships

Questions about our security practices?

Contact our security team directly, or review our security and privacy policies for full details.

security@cveriskpilot.com Security policy Privacy policy

Trust Center

What happens to your data.

The full path of an uploaded scan, from TLS handshake to encrypted storage to deletion. Every step documented. No black boxes.

Read security policy security@cveriskpilot.com

From upload to storage, in six steps

Step 01
File received over TLS
Your file is transmitted over HTTPS/TLS 1.3. It never travels over an unencrypted connection. Same-origin enforcement blocks cross-site forgery.
Step 02
Format validated — malicious content rejected
File size, extension, and content type are checked before any parsing begins. Files over 50 MB or with unsupported formats are rejected immediately with no storage.
Step 03
Content parsed in-process — not forwarded to AI
Parsers extract vulnerability records (CVE IDs, CVSS scores, package names) using our own parser chain. Your raw file content is not sent to any AI model or third-party service.
Step 04
Normalized findings stored org-scoped
Extracted findings are written to your organization's isolated data partition in a dedicated PostgreSQL database. No other tenant can read, query, or enumerate your findings.
Step 05
Raw artifact stored encrypted
The original file is stored in encrypted cloud storage, protected at rest with AES-256-GCM. Default retention is 180 days. Configurable per organization.
Step 06
Deleted on demand or at retention cutoff
Delete any upload from the Uploads page. All associated findings are cascade-deleted. Your retention policy runs automatically and purges raw content at the configured cutoff.