Security
Last updated: January 12, 2026
🔒
Your code security is our top priority
At ArchiCore, we understand that you're trusting us with your source code - one of your most valuable assets. We take this responsibility seriously and implement comprehensive security measures to protect your data.
Data Protection
Encryption
- In Transit: All data is encrypted using TLS 1.3
- At Rest: AES-256 encryption for stored data
- Passwords: Bcrypt hashing with salt
Access Control
- Role-based access control (RBAC)
- JWT-based authentication with short-lived tokens
- API keys with configurable permissions
- Session management with automatic expiration
Infrastructure Security
Hosting
- Secure cloud infrastructure
- Regular security patches and updates
- DDoS protection
- Firewall and network segmentation
Monitoring
- 24/7 system monitoring
- Intrusion detection systems
- Automated threat detection
- Security event logging and alerting
Code Handling
Processing
Your code is:
- Processed in isolated environments
- Never shared with other users
- Not used for AI model training
- Automatically deleted after retention period
AI Analysis
When using AI features:
- Code is sent to AI providers via encrypted connections
- We use enterprise AI APIs with data protection agreements
- AI providers do not retain your code
- You can opt-out of AI features if required
Application Security
- OWASP: Protection against Top 10 vulnerabilities
- CSRF: Cross-Site Request Forgery protection
- XSS: Cross-Site Scripting prevention
- SQL Injection: Parameterized queries
- Rate Limiting: Protection against abuse
- Input Validation: Strict input sanitization
Compliance
- GDPR: European data protection compliance
- CCPA: California consumer privacy compliance
- SOC 2: Security controls (in progress)
Security Practices
- Regular security audits
- Dependency vulnerability scanning
- Code review for all changes
- Incident response procedures
- Employee security training
Responsible Disclosure
We appreciate security researchers who help us keep ArchiCore safe. If you discover a vulnerability:
- Email us at security@archicore.io
- Provide detailed information about the issue
- Allow us reasonable time to fix it before disclosure
- Do not access or modify other users' data
We commit to:
- Responding within 48 hours
- Not pursuing legal action for good-faith research
- Crediting you (if desired) when we fix the issue
Questions?
For security-related questions or concerns, contact:
- Email: security@archicore.io