Cyblink Security Statement

At Cyblink, security is foundational. This statement outlines how we protect data, safeguard platform integrity, and continuously improve our defenses across www.cyblink.ai.

Data Protection & Encryption

• Encryption in transit & at rest: TLS 1.3 for all transport; AES-256 for stored data.
• Hardened cloud infrastructure: Hosted on enterprise-grade cloud with strong physical and logical controls.
• Access controls: Multi-factor authentication (MFA) for all administrative access.
• Data isolation: Customer data is logically segregated with strict, role-based access.

Monitoring & Incident Handling

• Continuous monitoring: Automated alerting, health checks, and anomaly detection across key services and logs.
• Incident response playbooks: Defined procedures for triage, containment, remediation, and post-incident review.
• Security testing: Periodic vulnerability assessments and targeted penetration testing.
• Monitoring and response are handled via automated controls and on-call engineering procedures.

Compliance & Certifications

• Security standards: We align with recognized security standards and are actively implementing an ISMS in accordance with ISO/IEC 27001:2022 in preparation for certification.
• Privacy compliance: We also design and operate controls to support applicable privacy obligations (e.g., GDPR, CCPA), including data-subject rights processes and contractual DPAs where required.

Platform Security Features

• Secure file handling: All uploads are scanned for malware and stored securely.
• Role-based access control (RBAC): Granular permissions ensure least-privilege access.
• Audit logging: Comprehensive logging of user and system activities.
• Encrypted communications: All in-platform messaging and data exchanges are encrypted.

Third-Party Security

• Vendor due diligence: Third-party providers are assessed for security posture and contractual data-protection commitments.
• Secure integrations: All integrations use authenticated, encrypted APIs and minimum required scopes.

Shared Responsibility

• Strong credentials: Use unique, complex passwords and enable MFA.
• Secure endpoints: Keep devices patched and protected with endpoint security.
• Report issues: Immediately notify us of any suspicious activity or potential vulnerabilities.

Transparency & Updates

• Security updates: We continuously enhance controls and will communicate material improvements.
• Incident notifications: We will promptly inform affected customers of any incident with potential impact.
• Best practices: We share relevant security guidance to help customers use Cyblink securely.

Contact Our Security Team