Security built for high-trust work
Practitioners on CLIHub process sensitive communications, strategic language, and proprietary frameworks. Our security posture reflects that responsibility.
Security Architecture
Infrastructure Security
CLIHub is deployed on enterprise-grade cloud infrastructure with automatic encryption at rest (AES-256) and in transit (TLS 1.3). Database access is restricted to private networks; no direct public database connections are permitted.
Authentication Controls
All accounts support multi-factor authentication. Passwords are hashed using bcrypt with per-user salts. OAuth tokens follow the principle of least privilege and are rotated automatically on each session.
Network Hardening
Platform endpoints are protected by a Web Application Firewall (WAF), DDoS mitigation, and rate limiting. All API routes enforce authentication and input validation. Internal services communicate over mutually authenticated private channels.
Incident Response
A documented incident response plan is rehearsed quarterly. In the event of a confirmed data breach affecting personal data, we will notify affected users and relevant supervisory authorities within 72 hours of discovery.
Vulnerability Management
We conduct annual penetration tests and continuous dependency scanning. Critical vulnerabilities are patched within 24 hours of confirmation. We maintain a private bug-bounty programme for responsible disclosure.
Responsible Disclosure
We welcome security researchers. If you discover a potential vulnerability, please report it to security@clihub.co.uk with a description and reproduction steps. We commit to acknowledging reports within 48 hours and not pursuing legal action against good-faith researchers.
Security Controls Summary
Found a security issue?
We operate a responsible disclosure programme. Report vulnerabilities directly to our security team — we respond within 48 hours and never pursue legal action against good-faith researchers.