Security Center

Uncompromising Defense.

We protect your users' identities with the same rigor used by national intelligence agencies. Explore our multi-layered approach to infrastructure, data, and application security.

Last Audit: December 23, 2025

Infrastructure Security

Built on a global, serverless edge network backed by hardened compute instances.

Global Edge Network

Our application logic is distributed across a CDN with points of presence (PoPs) in 100+ cities, mitigating DDoS attacks at the edge before they reach core servers.

Hardened US Compute

Sensitive processing occurs on isolated Virtual Private Server (VPS) nodes located in Tier-4 US data centers, protected by strict firewall rules and VPC peering.

Active DDoS Mitigation

We use automated traffic analysis to identify and scrub volumetric attacks (L3/L4) and application-layer floods (L7) in real time.

Data Persistence

How we store, isolate, and back up your mission-critical data.

Row-Level Security (RLS)

We enforce strict SQL-level isolation. A tenant's query can access only rows associated with its own Organization ID. Cross-contamination is mathematically impossible.

Encryption at Rest

All persistent data is encrypted using AES-256 (Advanced Encryption Standard). Encryption keys are managed via AWS KMS and rotated automatically.

Point-in-Time Recovery

Our database clusters perform continuous write-ahead logging (WAL), allowing us to restore the state of the system to any second in the last 30 days.

postgres_cluster status
SSL connection: active (TLS 1.3)
Disk encryption: enabled (AES-256)
RLS policies: enforced
tail -f access_logs | grep "unauthorized"
No matching records found.

Holistic Security

Defense strategies that integrate physical, technical, and administrative safeguards to protect our entire ecosystem.

Data Residency

Compliance+ customers can choose specific regions for their encrypted vaults, ensuring data never leaves specified jurisdictions.

Zero-Knowledge API

Our internal nodes process data in volatile memory (RAM), ensuring that unencrypted PII never touches a permanent disk.

Officer Vetting

Every Archonite Compliance Officer undergoes monthly background checks and operates in a high-security biometric environment.

Application Logic

Secure coding practices and rigorous testing methodologies.

SDLC

Every line of code undergoes static analysis and peer review before merging. We strictly adhere to OWASP Top 10 mitigation strategies.

Token Management

API keys are cryptographically hashed using Argon2id before storage. We never display full secrets after initial generation.

Sanitized Logs

Our logging pipeline automatically detects and redacts PII (Personally Identifiable Information) to ensure logs remain compliant.

Rate Limiting

Intelligent rate limiting per IP and API token prevents brute-force attacks and resource exhaustion.

Security Research Program

Security is a community effort. If you believe you have found a vulnerability in Archonite's infrastructure, we encourage you to report it. We offer competitive bounties for valid, high-severity findings.

Safe Harbor

Any research conducted under this policy is considered "authorized" conduct. Archonite will not initiate legal action against researchers who:

  • Conduct research without harming Archonite or its users.
  • Adhere to the laws of their applicable jurisdiction.
  • Do not access, modify, or use data belonging to others.
  • Give us reasonable time to remediate before public disclosure.

Scope of Research

Asset                      Type
*.archonite.xyz            Core Web Platform
api.archonite.xyz          Internal REST API
Archonite Signed Payload   Proprietary Encryption (ASP)
Archonite SDK              Mobile/Web Client Libraries

* Third-party services (e.g., Vercel) are out of scope. Please report vulnerabilities for those assets directly to the respective providers.

Submission Process

To report a vulnerability, please email us.

  1. Detailed description of the vulnerability.
  2. Steps to reproduce (Proof of Concept).
  3. Potential impact on Archonite infrastructure.
  4. PoC must be after August 2025.

Bounty Program

We offer financial rewards for qualifying vulnerabilities based on severity:

  • Critical: $401 - $500
  • High: $201 - $400
  • Medium: $100 - $200

This is the allocated budget, based on Archonite's current revenue.

Prohibited Activities

The security and penetration testing program prohibits the following activities, which can result in disqualification from the aforementioned rewards.

No Social Engineering

Attacking Archonite employees, contractors, or customers via phishing or physical access.

No Resource Exhaustion

DoS/DDoS attacks or any activity that degrades performance for our users.

No Exfiltration

Downloading or retaining any PII/Sensitive data beyond what is needed to prove a PoC.

No Destructive Testing

Attempts to delete or permanently alter data in our production or development environments.