Platform Security

The CyberMarket.ai Platform has been designed and built with the following Security Controls and Standards.

​

1. Core Platform Security

​

• Data Encryption: We support end-to-end encryption for all data in transit (SSL/TLS) and at rest, ensuring sensitive information is protected from unauthorised access.

• Access Control: We implement robust user authentication and role-based access control (RBAC) mechanisms, ensuring that only authorised personnel have access to different sections of the platform.

• Vulnerability Management: We undertake regular vulnerability scanning and patching of our environment to address known threats, aligning with industry-standard practices (OWASP).

• Third-Party Integrations Security: Any third-party integrations are vetted for security compliance, ensuring they don't introduce vulnerabilities.

​

2. AI Consultant Security

​

• Infrastructure Security: Our Cloud Environment provides a secure environment with built-in protections like firewalls, intrusion detection systems, and distributed denial-of-service (DDoS) protection. These services are used to secure the AI platform from external threats.

• Compliance Certifications: Our Cloud Environment holds various certifications such as ISO 27001, SOC 2, and GDPR, ensuring the AI consultant environment meets global security standards.

• AI Model Isolation: The AI consultant’s models and data are isolated using Virtual Private Cloud (VPC) and Identity and Access Management (IAM) policies to restrict access.

• Auto-scaling and Fault Tolerance: We automatically scale resources and include built-in redundancy and failover capabilities, ensuring continuous uptime and security during high-traffic periods.

​

3. General Security Controls

​

• Logging and Monitoring: Our Platform offers comprehensive logging, with security logs monitored for unusual activity in real-time.

• Incident Response: Clear protocols for incident response.

• Data Protection and Privacy: The platform is designed with data privacy in mind, adhering to standards such as GDPR. Data retention policies are in place to ensure minimal storage of personal information.