Security at CyberHeera

We are a cybersecurity company. We treat our own platform the way we ask customers to treat theirs.

Data is encrypted in transit using TLS. Authentication uses short-lived JWTs with refresh-token rotation. The platform supports SAML 2.0 and OIDC for single sign-on, and SCIM 2.0 for identity provisioning. All actions that modify or expose data run through a two-step consent gate that mints a short-lived consent token before the action executes, and every action lands in a tenant-scoped audit log.

We do not yet hold a third-party compliance attestation such as SOC 2 or ISO 27001. We are designing for those audits and will publish progress here when we begin them. We won't claim a certification we don't have.

Found a security issue? Email security@cyberheera.com.