Our Security Principles
Security is foundational to Tudasi. We follow a defense-in-depth approach, implementing multiple layers of security controls to protect your data. Our constitutional principle of Data Privacy & Encryption guides every architectural decision we make.
Infrastructure Security
Our infrastructure is hosted on trusted cloud providers with:
- SOC 2 Type II certified data centers
- Encryption in transit (TLS 1.3) and at rest
- Network isolation and firewall protection
- Regular backups with encrypted storage
- DDoS protection and rate limiting
Application Security
We build security into our development process:
- Secure coding practices and code review requirements
- Dependency vulnerability scanning
- Automated security testing in CI/CD pipeline
- Input validation and output encoding
- Principle of least privilege for all systems
Data Protection
Your code never leaves your machine unless explicitly required for a feature you've enabled. When AI features are used, we transmit only the minimal context needed—typically just diffs or specific file snippets—never your entire repository. All data is encrypted both in transit and at rest.
Vulnerability Reporting
We appreciate the security research community's efforts in helping keep Tudasi secure. If you discover a security vulnerability, please report it responsibly to security@tudasi.com. We commit to acknowledging reports within 48 hours and will work with you to understand and address the issue promptly.
Questions?
For security-related inquiries, please contact us at security@tudasi.com.