Trust & Security
Security at PromptMantra
We take the security of your data seriously. Here's how we protect your brand intelligence.
Encryption
- All data in transit is encrypted using TLS 1.2+
- Database connections use encrypted channels
- Passwords are hashed using bcrypt with per-user salts
- API keys and secrets are stored in encrypted environment variables
Infrastructure
- Hosted on SOC 2 compliant cloud infrastructure
- Container-based deployment with Docker for isolation
- PostgreSQL database with automated backups
- Redis for secure session management with TTL-based expiry
- Private networking between application services
Access Controls
- Role-based access control (RBAC) for all users
- JWT-based authentication with short-lived access tokens
- Refresh token rotation for session security
- Production systems restricted to authorized personnel only
- All administrative actions are logged for audit
Application Security
- Input validation and sanitization on all endpoints
- CORS policies restricting cross-origin requests
- Rate limiting on authentication endpoints
- SQL injection prevention via parameterized queries (SQLAlchemy ORM)
- Regular dependency updates and vulnerability scanning
Monitoring & Response
- Real-time application health monitoring
- Automated alerts for service degradation
- Structured logging for security event tracking
- Incident response procedures documented and tested
Data Handling
- AI engine queries are made on your behalf; your prompts are not shared with other users
- Brand monitoring data is isolated per organization
- Data export available in standard formats (CSV/JSON)
- Account deletion results in data removal within 30 days
Report a Vulnerability
If you discover a security vulnerability, please report it responsibly. We appreciate your help in keeping PromptMantra secure for everyone.
Contact security@146.190.147.44