Security

We build for EU sovereignty and resilience. Here is how we protect data and the service.

1. Architecture

• Network isolation between scan workers, API, and storage; least-privilege access controls.
• Encryption in transit (TLS) and at rest for stored data.
• Preference for EU-hosted infrastructure and vendors with adequate safeguards.

2. Data Handling

• Scoped data collection: URLs, observed requests, DNS/ASN lookups, classifications, and generated reports.
• Segregated environments for scanning; restricted access to reports and logs.

3. Monitoring & Response

• Operational monitoring for availability and abuse patterns.
• Incident response playbooks; we will notify customers of material incidents without undue delay.

4. Customer Responsibilities

• Protect account credentials and access tokens; use strong auth where available.
• Only submit URLs you are authorized to assess; avoid supplying sensitive personal data.

5. Vulnerability Reporting

• If you discover an issue, please report it to security@stackaudit.eu.
• No testing against production without prior consent; no disruption of service.

6. Business Continuity

• Backups for critical data; tested restore procedures.
• Redundancy at the infrastructure level where feasible.