SEISMO

Security

How we protect your data

Seismograph is built on AWS and Cloudflare. Here is what we do to keep your data safe.

Data Security

  • All data encrypted in transit (TLS 1.2+)
  • All data encrypted at rest (AWS KMS)
  • Data isolated per client
  • Automatic data expiry — probe results retained for 30 days, alerts for 7 days

Access Control

  • Client dashboards protected by Cloudflare Access
  • Per-client access policies
  • API keys stored in AWS Secrets Manager — never logged or exposed

Infrastructure

  • Serverless architecture on AWS
  • No persistent servers
  • Automated scaling, no manual intervention

Webhook Security

  • GitHub webhook payloads verified via signature
  • No webhook secrets stored in code

Responsible Disclosure

If you discover a security vulnerability, please report it to us privately.

Email [email protected] with a description of the issue. We respond within 24 hours and will work with you to resolve it quickly.