🔒 Security at MythicDot.AI

Enterprise-grade security is built into every layer of our infrastructure. Your data protection is our top priority.

🛡️ SOC 2 Type II Certified
🇪🇺 GDPR Compliant
🔐 ISO 27001 In Progress
🏥 HIPAA Ready

Infrastructure Security

Our infrastructure is designed with defense in depth, implementing multiple layers of security controls to protect your data.

🔐

Encryption

All data is encrypted in transit and at rest.

  • TLS 1.3 for all connections
  • AES-256 encryption at rest
  • Perfect forward secrecy
  • Customer-managed keys (Enterprise)
🌐

Network Security

Multi-layered network protection.

  • DDoS protection at edge
  • Web Application Firewall
  • Private network isolation
  • IP allowlisting available
🔑

Access Control

Fine-grained access management.

  • Role-based access control
  • Multi-factor authentication
  • SSO/SAML integration
  • Audit logging
📊

Monitoring

24/7 security monitoring and response.

  • Real-time threat detection
  • Automated alerting
  • Security incident response
  • Continuous vulnerability scanning

Data Protection

We implement strict data protection measures to ensure your information remains secure and private.

🗑️

Data Retention

You control your data lifecycle with configurable retention policies and the right to deletion at any time.

📍

Data Residency

Choose where your data is stored with region-specific deployments in US, EU, and Asia-Pacific.

🔄

Backup & Recovery

Automated backups with point-in-time recovery. Data is replicated across multiple availability zones.

Compliance & Certifications

We maintain rigorous compliance standards to meet enterprise security requirements.

📋

SOC 2 Type II

Audited annually for security, availability, and confidentiality

🇪🇺

GDPR

Full compliance with EU data protection regulations

🇺🇸

CCPA

California Consumer Privacy Act compliant

💳

PCI DSS

Payment card data handled securely via Stripe

🐛 Responsible Disclosure

We take security seriously and appreciate the work of security researchers. If you discover a vulnerability, please report it responsibly. We offer a bug bounty program for qualifying reports.

📧 security@mythicdot.ai

PGP Key Fingerprint

4A2C 8E9F 1B3D 5C7A 0E2F 6D8B 9A1C 3E5F 7D9B 2A4C

Security FAQ

Where is my data stored? +

Your data is stored in secure data centers operated by leading cloud providers (AWS, GCP). Enterprise customers can choose specific regions for data residency requirements.

How is my API key protected? +

API keys are hashed using bcrypt before storage and are never stored in plain text. You can rotate keys at any time, and we support IP allowlisting for additional security.

Do you have a SOC 2 report I can review? +

Yes, our SOC 2 Type II report is available to customers and prospects under NDA. Contact our sales team to request a copy.

What happens if there's a security incident? +

We have a documented incident response plan. In the event of a security incident affecting your data, we will notify affected customers within 72 hours as required by GDPR and other regulations.