Security at GitSniff
Trust is our currency. We employ enterprise-grade security measures to protect your intellectual property at every stage of the review process.
End-to-End Encryption
All data is encrypted in transit via TLS 1.3 and at rest using AES-256.
Zero-Retention Analysis
Code is processed in volatile memory and discarded immediately after inference.
Compliance Ready
We are SOC 2 Type I compliant and GDPR ready for European customers.
Infrastructure Security
Cloud Security
AnnitaCode is hosted on Google Cloud Platform (GCP) and AWS, utilizing Virtual Private Clouds (VPC) to isolate our compute environments. We strictly limit network access using firewalls and security groups.
Data Isolation
Tenant data is logically isolated. For enterprise customers, we offer single-tenant deployments where compute resources are completely dedicated to your organization. Contact us to learn more.
Application Security
Authentication & Access
We support SSO (Single Sign-On) via Google Workspace, GitHub, and SAML providers (Okta, Azure AD) for Enterprise plans. MFA is enforced for all administrative access.
Vulnerability Management
We perform regular automated scans of our dependencies and infrastructure. We engage third-party security firms for annual penetration testing.
Responsible Disclosure
Found a vulnerability? We operate a bug bounty program. Please report any security issues directly to our security team. We pledge to investigate all reports within 24 hours.