Security

Security posture for the hosted Certus product.

This page describes the product's current security baseline: identity, org isolation, evidence integrity, and service operations.

Identity

Auth0-backed authentication, org-scoped access, and secure session handling for the hosted product.

Evidence integrity

Evidence packs are hashed or signed so exported review artefacts can be checked for integrity.

Service isolation

Repositories, PRs, evidence records, and settings are partitioned by organization boundaries.

Operational controls

Hosted infrastructure, audit logging, and release controls are managed as part of the product runtime.

Control Areas

Authentication and sessions

  • Hosted sign-in is handled through Auth0-backed flows.
  • Session cookies are secure and HTTP-only.
  • Dashboard access is guarded by server-side auth checks.

Data handling

  • CLI sync stores scan outputs, control mappings, and evidence metadata rather than raw source code by default.
  • Evidence records are tied to repositories, pull requests, and organizations for audit traceability.
  • Public status reporting now reflects internal service checks rather than an external placeholder monitor.

Deployment posture

  • The hosted service runs on Google Cloud infrastructure.
  • Public endpoints are served over HTTPS with transport and browser hardening headers.
  • Runtime configuration is separated from build-time code paths to avoid false operational assumptions.

Security model

Trust boundaries are enforced through product configuration, auth checks, org partitioning, and evidence verification paths.

Backed by runtime checks

The public status page now reports live service checks for the actual product surface.

Linked policy pages

  • Security review and disclosure intake through the disclosure process
  • Operational status visibility through the live status page
  • Privacy and legal baselines documented on the linked policy pages
