Security

In-a-Nutshell

XCoding Labs, LLC ("We" or "Us") owns the platform that performs the code analysis. We do not own or claim any ownership of the source code sent to our platform.

We do not keep the source code on our servers. Only the results of our analysis are kept.

User credentials (passwords, tokens, etc.) are being encrypted and never kept clear on our servers at any moment.

If you have any questions regarding this security policy, please contact us.

Source Code Security

Source code is being automatically deleted after analysis is complete.

We embrace the least privilege and use only the minimum number of privileges to perform an analysis.

Payment and Credit Card

We do not store any credit card information of any kind. Our payment infrastructure relies on Stripe that is certified to PCI Service Provider Level 1.

Hosting

Our system is hosted on Amazon Web Services (AWS). Credentials are protected and encrypted.

Backups are managed by AWS services. No data is stored outside of AWS for normal operations.

Communications

All communications, either with the user or with third-party services, are encrypted using HTTPS and TLS 1.2.

Reporting a security issue

Security is fundamental to us and if an issue is found, we will work quickly to fix it. If you find a potential breach or have any questions, please contact us.