Security & Trust Center

Our commitment to protecting your infrastructure and data with enterprise-grade security practices.

End-to-End Encryption

All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Customer-managed encryption keys are available for enterprise plans.

Multi-Factor Authentication

Enterprise SSO with support for SAML, OIDC, and passwordless magic links. Role-based access control (RBAC) for granular permissions.

Responsible Disclosure Program

We welcome security researchers to help us maintain the security of our platform. If you discover a vulnerability, please report it responsibly.

How to Report

  1. Email security@sovereign.local with details of the vulnerability
  2. Include steps to reproduce, potential impact, and any proof-of-concept code
  3. Allow us reasonable time to investigate and remediate before public disclosure
  4. We will acknowledge your report within 48 hours and provide updates on our progress

In Scope

  • Authentication and authorization bypasses
  • SQL injection, XSS, CSRF, and other injection vulnerabilities
  • Server-side request forgery (SSRF) and remote code execution (RCE)
  • Sensitive data exposure or insecure data storage

Out of Scope

  • Social engineering attacks or phishing
  • Denial of service (DoS) attacks
  • Issues in third-party services we don't control

Security Contact

Email: security@sovereign.local

PGP Key: Available upon request

Security Practices

Infrastructure Security

  • Multi-region deployment with automatic failover
  • Network segmentation and zero-trust architecture
  • Regular vulnerability scanning and patching

Continuous Monitoring

  • 24/7 security operations center (SOC)
  • Real-time threat detection and response
  • Comprehensive audit logging and SIEM integration