Security

Infrastructure security

• All data encrypted in transit (TLS 1.2+) and at rest.
• Cloud credentials are stored with industry-standard encryption and never logged in plaintext.
• Infrastructure is provisioned in your own cloud account. Your data never leaves your environment.
• Role-based access controls across all internal systems.

Application security

• Regular security audits and dependency vulnerability scanning.
• Secrets and credentials isolated per tenant with no cross-account access.
• All API endpoints authenticated and rate-limited.
• Session tokens are short-lived and rotated automatically.

Operational security

• Principle of least privilege applied to all cloud access permissions.
• Audit logging for all infrastructure operations performed on your behalf.
• Credentials are immediately revoked and deleted when you disconnect a cloud account or delete your account.

Responsible disclosure

If you discover a security vulnerability, please report it responsibly. Do not open a public issue. Instead, email us directly at security@ownkube.io with:

• A description of the vulnerability and its potential impact.
• Steps to reproduce the issue.
• Any relevant screenshots or logs.

We will acknowledge your report within 48 hours and aim to resolve confirmed issues promptly.

Contact

For security questions or concerns, email security@ownkube.io.