Security

Your data belongs to you, and it stays on your server.

Last updated: April 9, 2026

Every client gets a fully dedicated, isolated environment — not a shared database, not a multi-tenant cluster.

1. Dedicated & Isolated Infrastructure

Each client receives a fully dedicated virtual private server. Your server runs its own operating system, application instance, and database.

  • PostgreSQL database bound to localhost only — no external database connections
  • Application and AI agents run under separate system users with isolated permissions
  • Satellites operate independently with no cross-access between client environments
  • Docker containers with restricted privileges — no privileged mode, no host networking

2. Server Hardening

Network Security

  • UFW firewall — only ports 22, 80, and 443 are open
  • Fail2ban intrusion detection automatically bans IP addresses after repeated failed SSH login attempts
  • Kernel hardening with IP redirect disabled

SSH Access

  • Key-based authentication only — passwords are disabled
  • X11 forwarding disabled
  • Restricted to authorized fleet management keys

Web Server

  • Hidden server version information — no framework or language version exposed in headers or error responses
  • HSTS — Strict Transport Security enforced with a one-year max-age
  • X-Frame-Options (SAMEORIGIN) to prevent clickjacking
  • X-Content-Type-Options (nosniff)
  • Referrer-Policy and Permissions-Policy restrictions
  • Stack trace and internal path leakage prevention — error responses never reveal server internals
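A client can check the header policy listed above against a captured response. The following is an added example, not code from the platform: `audit_headers` and the two sample header sets are constructed for illustration, and the check treats any `X-Powered-By` header or a dotted version number in `Server` as version disclosure.

```python
import re

ONE_YEAR = 31536000  # seconds; the page states a one-year HSTS max-age


def audit_headers(headers):
    """Return findings for one response's headers; an empty list means pass."""
    # Header names are case-insensitive, so normalise before comparing.
    h = {k.lower(): v.strip() for k, v in headers.items()}
    findings = []

    # HSTS must be present with a parseable max-age of at least one year.
    m = re.search(r'max-age\s*=\s*"?(\d+)', h.get("strict-transport-security", ""), re.I)
    if not m:
        findings.append("hsts: missing or no max-age")
    elif int(m.group(1)) < ONE_YEAR:
        findings.append("hsts: max-age below one year")

    if h.get("x-frame-options", "").upper() != "SAMEORIGIN":
        findings.append("x-frame-options: expected SAMEORIGIN")
    if h.get("x-content-type-options", "").lower() != "nosniff":
        findings.append("x-content-type-options: expected nosniff")
    for name in ("referrer-policy", "permissions-policy"):
        if not h.get(name):
            findings.append(f"{name}: missing")

    # Version disclosure: a dotted version in Server, or X-Powered-By at all.
    if re.search(r"\d+\.\d+", h.get("server", "")):
        findings.append("server: version disclosed")
    if "x-powered-by" in h:
        findings.append("x-powered-by: framework disclosed")
    return findings


# Constructed sample responses (not captured from any real server).
GOOD = {
    "Server": "nginx",
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "X-Frame-Options": "SAMEORIGIN",
    "X-Content-Type-Options": "nosniff",
    "Referrer-Policy": "strict-origin-when-cross-origin",
    "Permissions-Policy": "geolocation=()",
}
BAD = {
    "Server": "nginx/1.24.0",
    "X-Powered-By": "PHP/8.2.1",
    "strict-transport-security": "max-age=86400",
    "X-Content-Type-Options": "nosniff",
}
```

Pass the header mapping of a response from your own environment in place of the samples; each returned string names the header that deviates from the stated policy.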

Automatic Patching

Unattended security upgrades are enabled on all servers, ensuring critical patches are applied promptly without manual intervention. Dependency CVE scanning runs automatically, and fixes that are safe to apply are installed automatically.

3. Encryption & Credential Management

  • In transit: All traffic is encrypted via TLS (v1.2 and v1.3 only) — weak ciphers (RC4, DES, 3DES, NULL, EXPORT) are explicitly blocked
  • At rest: Sensitive credentials (OAuth tokens, API keys, passwords) are encrypted using AES-256-GCM before being stored in the database — never logged in plaintext
  • Wildcard SSL certificates with automatic renewal and continuous expiry monitoring
  • Automated credential leak detection scans logs, memory, and documents for accidentally exposed secrets

4. Continuous Security Scanning

Every Ai1 environment runs an automated security loop with two complementary phases:

Offensive Testing (Red Hat)

  • HTTP security header validation and authentication surface probing
  • OWASP 2025 error-handling checks — stack trace leakage, information disclosure, malformed input handling
  • API endpoint discovery with unauthorized access probing
  • Agent privilege auditing to detect permission scope creep
  • Skill supply chain audits — installed skills are scanned for suspicious or injected code
  • Memory sanitization — agent memory files are scanned for injected instructions

Defensive Validation (Blue Hat)

  • Dependency CVE scanning with automatic safe patching
  • Configuration drift detection against known-good baselines
  • Behavioral anomaly detection across session logs
  • Audit log completeness and integrity verification
  • External SSL/TLS certificate health checks and DNS security validation (SPF, DMARC, CAA)
  • Zero-trust checks: session timeouts, wildcard permissions, dormant agents, and stale credentials

Event-Triggered Scans

In addition to the nightly loop, security scans run automatically after every code deployment, skill installation, and configuration change — catching issues immediately rather than waiting for the next scheduled cycle.

5. Data Privacy

We do not access, use, or retain your data.

  • No AI model training on customer data
  • No analysis or aggregation of conversations
  • Server access only for maintenance or support — and only with your knowledge
  • Direct API calls to providers (Anthropic, OpenAI, etc.) — your data goes directly to the provider and back, not through us

6. Geographic Regions

Choose where your server is hosted. Available regions:

  • Europe: Germany, Finland
  • US East: Ashburn, Virginia
  • US West: Hillsboro, Oregon
  • Asia Pacific: Singapore
  • Custom arrangements available on request

7. Backup & Disaster Recovery

  • Hosting provider automatic snapshots for full-server recovery
  • Daily, weekly, and monthly database backups stored on a separate cloud storage provider
  • Recovery time: minutes for restarts, hours for full rebuilds

8. Monitoring & Incident Response

Continuous monitoring tracks CPU, memory, disk usage, application status, and SSH reachability across all client environments.

  • Security scan results are tracked over time — severity trends, mean time to resolution, and auto-fix rates are measured and reported
  • Escalations are flagged immediately via Slack notification to the operations team
  • In the event of a security breach, we commit to notifying affected clients within 72 hours

9. Third-Party Services

We integrate with trusted providers who maintain strong data practices:

  • Anthropic — does not train models on API data
  • OpenAI — does not train models on API data by default
  • Hetzner Cloud — infrastructure provider headquartered in Germany, subject to EU data regulations
  • Stripe — billing processor with no direct card storage on our servers

10. Platform Updates

Security-critical patches are applied promptly. Non-critical updates and feature releases are communicated via Slack and email before deployment.

  • Every deployment triggers automated security validation before going live
  • Configuration changes are tracked against baselines to detect unintended drift
  • New skill installations undergo supply chain integrity checks

11. Ownership & Portability

Everything you build on the platform is yours — agents, workflows, skills, scripts, configurations, automations, and data.

  • 30-day export window after cancellation
  • Export formats: PostgreSQL dumps, Markdown, standard file transfer
  • Platform codebase remains proprietary to Zero Point Studio d.o.o.

12. Contact

If you have questions about our security practices, get in touch with our team.

Questions About Security?

We're happy to walk you through our infrastructure and data practices in detail.