Skip to main content
Home/Security

Security

How we protect your data and our platform

1. Overview

VigilSentinel is built with security at its core. This page describes the technical and organisational measures we use to protect your data, secure our platform, and maintain the trust of our customers.

2. Data Protection

  • Encryption in transit: All traffic between your browser and our services uses TLS 1.2 or higher.
  • Encryption at rest: Sensitive data is encrypted where stored (e.g. AES-256 where applicable).
  • Passwords: Passwords are hashed using bcrypt with per-user salts; we do not store plain-text passwords.
  • Credential vault: Stored API keys and secrets are kept in an encrypted vault, not in plain text.

3. Access Control

  • Authentication: Secure session management with configurable timeouts and optional multi-factor authentication (MFA).
  • Role-based access (RBAC): Permissions are granted by role so users only see and do what they are allowed.
  • Least privilege: Services and operators follow least-privilege principles where possible.

4. Application Security

  • Security headers: We set industry-standard headers (e.g. HSTS, X-Content-Type-Options, CSP) to reduce client-side risks.
  • CSRF protection: Forms and state-changing requests are protected against cross-site request forgery.
  • Rate limiting: APIs and login endpoints are rate-limited to reduce abuse and brute-force risk.
  • Input validation: User input is validated and sanitised to limit injection and XSS risks.

5. Monitoring & Auditing

  • Audit logging: Administrative and sensitive actions are logged for accountability and investigation.
  • Security monitoring: We monitor for anomalies and security events to detect and respond to incidents.

6. Infrastructure & Operations

When we or our partners host VigilSentinel, we follow secure deployment practices: non-root processes where applicable, regular updates, and hardening of the environment. For self-hosted (installation) deployments, we provide guidance and defaults that support secure configuration.

7. Reporting Security Issues

If you believe you have found a security vulnerability in VigilSentinel or our services, please report it to us responsibly. Contact us at [email protected] with a clear description and steps to reproduce. We will acknowledge receipt and work with you to understand and address the issue.

Home  ·  Terms of Service  ·  Privacy Policy