Security Overview

Stackmint is built with security as a core requirement. This page provides a high-level overview of our security approach. More detailed documentation and responses to security questionnaires can be provided to customers under NDA.

1. Infrastructure Security

• Cloud-hosted infrastructure with hardened configurations;
• Network-level protections and restricted administrative access;
• Segregation of environments (e.g., staging vs production);
• Regular OS and dependency patching.

2. Data Protection

• Encryption in transit using TLS;
• Encryption at rest for databases and storage where supported;
• Role-based access controls (RBAC) for platform features;
• Limited and audited access to production data.

3. Application Security

• Secure development practices and code review;
• Use of modern frameworks and security tooling;
• Protection against common web vulnerabilities where applicable;
• Configuration controls to limit token and secret exposure.

4. Incident Response

Stackmint maintains procedures for detecting, investigating, and responding to security incidents. In the event of an incident affecting customer data, Stackmint will notify impacted customers without undue delay in accordance with contractual and legal requirements.