Security
Built with security as the foundation, not an afterthought
Security is core to Skyscape's architecture. Whether you self-host or use our managed service, your code and data are protected by multiple layers of security.
🔐 Authentication
- JWT-based authentication
- Secure password hashing (bcrypt)
- HttpOnly session cookies
- CSRF protection
- Role-based access control
🛡️ Infrastructure
- Isolated Docker containers
- Network segmentation
- Automatic SSL/TLS (Let's Encrypt)
- Firewall configuration (UFW)
- Regular security updates
💾 Data Protection
- Encrypted at rest
- Encrypted in transit (HTTPS)
- Daily encrypted backups
- Secure file permissions
- No data sharing with third parties
🔍 Code Security
- Input validation and sanitization
- SQL injection prevention
- XSS protection (auto-escaping)
- Path traversal prevention
- Secure defaults
Self-Hosted Security
When you self-host Skyscape, you have complete control over security:
- Deploy on your own infrastructure (on-premise or cloud)
- Configure your own firewall rules
- Integrate with your existing security tools
- Audit all code (100% open source)
- Control which integrations to enable (GitHub, AI providers)
Hosted Security
Our hosted service adds further security measures:
- 24/7 monitoring and incident response
- DDoS protection
- Regular penetration testing
- Compliance with industry standards
- Dedicated security team
Responsible Disclosure
We take security vulnerabilities seriously. If you discover a security issue:
- Email us at security@theskyscape.com
- Include detailed steps to reproduce the issue
- Allow us reasonable time to address the issue before public disclosure
- We'll acknowledge receipt within 48 hours
- We'll keep you updated on our progress
We appreciate responsible disclosure and will credit researchers who help us improve Skyscape's security.