Security Policy

1. Infrastructure Security

Sigbot utilizes enterprise-grade cloud infrastructure provided by Google Cloud Platform (specifically Firebase) to ensure high availability, redundancy, and physical security of data centers.

2. Data Encryption

In Transit: All data transmitted between the Sigbot client and our servers is encrypted using TLS 1.2 or higher.

At Rest: Data stored in our cloud databases is encrypted at rest using AES-256 standards.

3. Authentication

We use secure, token-based authentication (OAuth2 / Firebase Auth) to manage user access. We do not store plain-text passwords.

4. Access Control

Access to customer data is strictly limited to authorized personnel who require it for support or engineering purposes. Multi-Factor Authentication (MFA) is enforced for all administrative access.

5. Vulnerability Management

We perform regular security audits and dependency updates to mitigate potential vulnerabilities in our software supply chain.

6. Reporting Issues

If you discover a security vulnerability, please report it to security@sigbot.com.