Overview

Documentation Index

Fetch the complete documentation index at: https://docs.pincites.com/llms.txt

Use this file to discover all available pages before exploring further.

​

Enterprise-Grade Security

​

Security & control

• End-to-end encryption: AES-256 for data at rest and TLS 1.2+ for data in transit
• SSO + MFA: Microsoft 365 single sign-on with optional multi-factor authentication
• Role-based access control (RBAC) with audit logs
• SOC-2 Type II certified with report available under NDA
• Annual third-party penetration tests and static analysis on every deploy
• Daily dependency updates to address known vulnerabilities
• US-only infrastructure: All servers and data hosted exclusively in the United States

​

LLM Provider Security

• OpenAI: Zero-data retention with no model training on API inputs (API Data Usage Policies)
• Anthropic: Zero-data retention with no model training on API inputs (Acceptable Use Policy)
• Google Gemini: Dedicated API service with no model training on customer data (API Terms)
• Cohere: No model training on customer data (Terms of Use)

​

Infrastructure Security

• GCP hosting with strict network segmentation and physical safeguards
• All customer data encrypted and stored in the US
• Redundant infrastructure to ensure uptime and high availability
• RTO/RPO tested regularly

​

Incident Response

• 24/7 monitoring
• Documented response plan tested regularly
• SLA-backed breach notification timelines
• Clear escalation paths in case of detected threats

​

Vendor Risk Management

• All vendors assessed using a formal security review process
• Contractual data protection terms for all subprocessors
• Access reviewed regularly to maintain compliance

​

Security Expertise

• Security team includes former GitHub security product lead
• All engineers receive mandatory security training
• Contact security@pincites.com for any concerns or disclosures