Security at MicroStax
We take the security of your code and infrastructure seriously. Here's how we protect your data and environments.
Overview
MicroStax is built with security at its core. We follow a shared responsibility model: we secure the platform, and you control access to your environments and data.
Infrastructure
Each environment runs in an isolated Kubernetes namespace with network policies preventing cross-namespace traffic. Clusters use k3s with hardened defaults, and all nodes are regularly patched.
Authentication
We use GitHub OAuth for user authentication and JWT tokens for API access. Role-based access control (RBAC) ensures users only access environments and resources they own or have been granted access to.
Data Protection
All data is encrypted in transit using TLS 1.2+ and at rest using AES-256. We maintain regular backups and follow data minimization principles — ephemeral environments are automatically cleaned up based on TTL policies.
Compliance
We are working toward SOC 2 Type II certification. MicroStax is GDPR-ready, and we offer a Data Processing Agreement (DPA) for enterprise customers.
Vulnerability Disclosure
We welcome responsible security disclosures. If you discover a vulnerability, please report it to security@microstax.ai. We commit to acknowledging reports within 24 hours and providing updates on remediation.
Contact the Security Team
Have a security concern or want to report a vulnerability?
security@microstax.ai