Gitar Logo

Security

Comprehensive security practices and data protection at Gitar

Security

Gitar takes security seriously. We implement comprehensive security measures to protect your code, data, and intellectual property throughout our autonomous code maintenance platform.

Overview

This document outlines our security practices, data handling policies, and compliance measures. We maintain transparency about our security posture while protecting the sensitive details of our implementation.

Infrastructure Security

Cloud Infrastructure

  • AWS-based Infrastructure: All services run on Amazon Web Services with strict access controls
  • Multi-Environment Isolation: Separate AWS accounts for development, staging, production, and management
  • Role-Based Access Control: AWS SSO with AdministratorAccess roles limited to authorized personnel
  • Network Security: Private VPCs with controlled ingress/egress rules

Container Security

  • Non-Root Execution: All containers run as non-privileged users
  • Minimal Attack Surface: Containerized environments with only necessary dependencies
  • Image Security: Regular security scanning of container images
  • Secure Entrypoints: Custom bootstrap processes with security validations

Authentication & Authorization

Multi-Factor Authentication

  • Clerk Integration: Enterprise-grade authentication with MFA support
  • OAuth 2.0 Compliance: Standards-compliant authentication flows
  • Session Management: Secure session handling with automatic expiration

Granular Permissions

  • Scope-Based Authorization: 20+ granular permission types including:
    • flags:read, flags:write - Feature flag operations
    • repos:read, repos:write - Repository access
    • plans:read, plans:write - Execution plan management
    • admin - Administrative functions
  • Organization Isolation: Complete separation between different organizations
  • API Token Management: Secure token generation with configurable expiration

Data Protection

Encryption

  • Data in Transit: All API communications encrypted with TLS 1.3
  • Data at Rest: AES-256-GCM encryption for sensitive file storage
  • Key Management: SHA-256 key derivation with proper nonce generation
  • Secure Random Generation: Cryptographically secure random number generation

Code Repository Security

  • Secure Checkout: Repository validation before any code access
  • Credential Management: Secure Git credential handling for GitHub and GitLab
  • Workspace Isolation: Sandboxed execution environments for code operations
  • Path Sanitization: Proper validation of file paths and repository structures

Secret Management

AWS Secrets Manager Integration

  • Centralized Secret Storage: All sensitive credentials stored in AWS Secrets Manager
  • Environment-Specific Secrets: Separate secret management for dev, staging, and production
  • Automatic Rotation: Support for automatic secret rotation

Service Credentials

  • Database Security: Encrypted connection strings and credentials
  • Third-Party Integrations: Secure storage of GitHub, GitLab, Slack, and other API tokens
  • Token Refresh: Automatic handling of token expiration and renewal

Data Retention & Privacy

Zero Data Retention Policy

  • No Code Storage: We maintain a strict zero data retention policy for customer source code
  • Ephemeral Processing Only: All code processing occurs in temporary, isolated environments
  • Immediate Deletion: Code is removed from our systems immediately after task completion
  • Third-Party Agreements: Zero data retention agreements with all AI providers (Google, Anthropic)
  • Audit Verification: Regular audits to ensure compliance with zero retention policies

Code Access Policy

  • Minimal Code Access: Only necessary code portions accessed for maintenance tasks
  • Temporary Processing: Code processed in secure, ephemeral environments
  • Audit Trail: Complete logging of all code access and operations

Ephemeral Storage Architecture

  • Container-Based Isolation: Each code processing task runs in isolated containers
  • Memory-Only Processing: Code loaded directly into memory, never written to persistent storage
  • Automatic Cleanup: Containers and all associated data destroyed upon task completion
  • No Disk Persistence: Processing environments configured with no persistent volumes
  • Encrypted RAM: Memory encryption for sensitive processing operations

Webhook Security

Signature Verification

  • HMAC-SHA256 Validation: All webhooks verified using HMAC-SHA256 signatures
  • Constant-Time Comparison: Cryptographically secure signature comparison
  • Timestamp Validation: Configurable tolerance (default 5 minutes) to prevent replay attacks
  • Multiple Provider Support: Dedicated validation for GitHub, GitLab, Slack, Linear, and other providers

Secure Development Lifecycle (SDLC)

Development Practices

  • Security by Design: Security considerations integrated from initial design phase
  • Code Review Requirements: All code changes require security-focused peer review
  • Dependency Scanning: Continuous monitoring of third-party dependencies for vulnerabilities

Security Testing

  • Penetration Testing: Annual third-party penetration tests
  • Vulnerability Assessments: Quarterly security assessments

Deployment Security

  • Infrastructure as Code: All infrastructure changes version controlled and reviewed
  • Immutable Infrastructure: Production deployments use immutable container images
  • Environment Segregation: Strict separation between dev, staging, and production

Security Training

  • Annual Security Training: Mandatory security awareness training for all engineers
  • Incident Response Drills: Quarterly security incident simulations

Data Storage & Processing

Storage Architecture

  • No Local Storage: Code processing servers have no persistent local storage
  • Ephemeral Operations: Code analysis performed entirely in temporary storage
  • Stateless Processing: Each task runs in completely stateless environment

Processing Isolation

  • Container Isolation: Each customer task runs in separate container
  • Network Isolation: No network access between customer processing environments
  • Resource Limits: Strict CPU and memory limits per processing task
  • Time Limits: Maximum execution time enforced for all operations

Data Flow Security

  • End-to-End Encryption: Code encrypted from repository to processing to disposal
  • No Intermediate Storage: Direct streaming from source to processing
  • Audit Trail: Complete audit log of data access without storing actual content

Audit & Compliance

Comprehensive Logging

  • Action Tracking: All user actions logged with complete metadata
  • Audit Trail: Immutable audit logs for compliance and security analysis

Compliance Framework

  • SOC 2 and ISO 27001: Security controls aligned with SOC 2 Type II and ISO 27001
  • GDPR Compliance: Data protection practices compliant with GDPR requirements
  • Regular Assessments: Ongoing security assessments and improvements

Integration Security

Third-Party Integrations

  • OAuth 2.0 Implementation: Standards-compliant OAuth flows for all integrations
  • State Parameter Validation: CSRF protection through state parameter verification
  • Scope Limitation: Minimal necessary permissions requested from integrated services
  • Secure Uninstallation: Proper cleanup of credentials and data upon integration removal

API Security

  • Rate Limiting: Protection against abuse through configurable rate limits
  • Input Validation: Comprehensive validation of all API inputs
  • Error Handling: Secure error responses without information leakage
  • CORS Configuration: Properly configured cross-origin resource sharing

Vulnerability Management

Security Monitoring

  • Dependency Management: Regular updates and security patches for all dependencies

Incident Response

  • Response Plan: Documented incident response procedures
  • Communication Protocol: Clear communication channels for security incidents
  • Recovery Procedures: Tested backup and recovery processes

Enterprise Features

Advanced Security Controls

  • IP Allowlisting: Restrict access to specific IP ranges
  • SAML SSO: Enterprise single sign-on with SAML 2.0
  • Okta Integration: Native integration with Okta identity provider

Frequently Asked Questions

Q: How does Gitar access my code repositories?

Gitar accesses repositories through secure OAuth integrations with GitHub and GitLab. We only access the specific repositories you configure and only perform the maintenance tasks you approve. All repository access is logged and auditable.

Q: Is my code stored on Gitar's servers?

No, we maintain a strict zero data retention policy. Code is processed exclusively in ephemeral environments that are destroyed immediately after task completion. We have zero data retention agreements with all our AI providers, ensuring your code is never stored or used for training.

Q: What happens to my data if I stop using Gitar?

Upon account deletion or service termination, all customer data is securely deleted within 30 days. This includes any temporary data, logs, and configuration information. Enterprise customers can request expedited deletion.

Q: Does Gitar train AI models on my code?

No, Gitar does not use customer code for training AI models. Your code remains private and is only used to perform the specific maintenance tasks you request.

Q: How does Gitar handle secrets in my code?

Gitar's processing environments are designed to avoid exposing secrets. Any secrets encountered during processing are not logged, stored, or transmitted outside the secure processing environment. Our ephemeral architecture ensures secrets exist only in encrypted memory during processing and are erased upon completion.

Q: What certifications does Gitar have?

We maintain security practices aligned with SOC 2 Type II / ISO 27001 requirements and are fully certified. We conduct regular third-party security assessments and maintain compliance with industry standards.

Q: What are your zero data retention agreements?

We maintain contractual zero data retention agreements with all AI providers including Google and Anthropic. These agreements ensure that no customer code is retained, stored, or used for model training. All processing occurs with zero-retention API endpoints.

Q: How does Gitar isolate different organizations?

Organizations are isolated at the database, application, and infrastructure levels. No organization can access another's data, configurations, or processing environments.

Contact & Support

For security-related questions or to report security vulnerabilities: