Security

At Blacksite Labs, the security of our Agent Hub platform and your data is our highest priority. This document details our approach to securing our infrastructure, data, and applications.

1. Data Encryption

• In Transit: All data transmitted between your clients and our servers is encrypted using industry-standard TLS (Transport Layer Security) protocols.
• At Rest: All data is securely encrypted at rest using managed database services provided by Supabase.

2. Tenant Isolation

We employ strict Row-Level Security (RLS) policies within Supabase to ensure robust tenant isolation. Data access is cryptographically tied to authenticated user identities, preventing unauthorized cross-tenant data exposure.

3. Access Controls and Authentication

• API Key Hashing: All API keys are securely hashed before storage. We do not store plaintext API keys.
• OAuth 2.1: We support OAuth 2.1 for secure, standardized connector authentication and authorization.

4. Auditing and Monitoring

We implement comprehensive audit logging across our infrastructure. Access to core systems and critical operations are logged and continuously monitored for anomalous activity to facilitate rapid incident detection and response.

5. Incident Response

We maintain an active incident response protocol. In the event of a security incident or data breach, affected users will be notified promptly in accordance with applicable laws and regulations.

6. Reporting Security Vulnerabilities

If you discover a security vulnerability, we encourage you to report it to us immediately. Please contact our security team at: security@blacksite.dev.