Security
Security is at the core of what we do. We protect your data with industry-leading practices so you can focus on securing your infrastructure.
Encryption
- TLS 1.3 for all data in transit
- AES-256 encryption for data at rest
- Encrypted backups with key rotation
Infrastructure
- SOC 2 Type II certified cloud providers
- Isolated processing environments
- No persistent storage of Terraform plans
Access Control
- Role-based access control (RBAC)
- Multi-factor authentication
- Audit logging for all access
Compliance
- SOC 2 Type II (in progress)
- GDPR compliant data handling
- Regular third-party audits
How We Handle Your Data
Terraform Plan Files
When you upload a Terraform plan for analysis, we process it in an isolated environment. Your plan data is automatically deleted within 24 hours of analysis completion. We never store your infrastructure secrets or credentials.
Analysis Results
Security reports are stored encrypted and accessible only to you. You can delete your analysis history at any time from your dashboard.
No Training on Your Data
We do not use your Terraform plans or infrastructure data to train machine learning models. Your data remains yours.
Vulnerability Disclosure
Report a Security Issue
We take security vulnerabilities seriously. If you discover a security issue, please report it responsibly to our security team.
hello@syncrally.com
We aim to acknowledge reports within 24 hours and provide updates within 72 hours.
Certifications & Compliance
Questions?
For security-related inquiries or to request our security documentation, contact us at:
hello@syncrally.com