SyberOps Trust Center
syberops.com →
Trust Center · v1.2

How SyberOps handles your data.

SyberOps operates two platforms: an agentic AI triage pipeline over your security alerts, and a multi-tenant threat hunting workspace. This page documents — for each — where data goes, who can see it, which third parties are involved, what controls you have, and where we are on compliance. Pick a platform below.

Last updated 4 July 2026

01 At a glance

Quick status of the commitments customers ask about most frequently. Each item is linked below to the full detail.

Encryption in transit LiveTLS 1.3
Encryption at rest LiveAES-256
Anthropic Zero Data Retention In flightSales-approved
No training on customer data LiveContractual
SOC 2 Type I Q3 2026Kickoff
GDPR DPA In flightTemplate drafting
HIPAA BAA GatedOn PII redaction
Customer data export LiveJSON via API

02 Where your data goes

Three distinct data flows leave your environment for SyberOps. Each has different scope, different vendors, and different protections. Layers 2 and 3 stay inside our boundary or talk to lookup-only APIs; only Layer 1 sends alert text to a large language model.

     Your environment
            │
            │  TLS 1.3 / wss://
            ▼
   ┌────────────────────────────────────────┐
   │   SyberOps backend (Railway, us-west)   │
   │   • stateless Express + WebSocket       │
   │   • Postgres (Neon, AES-256 at rest)    │
   │   • per-tenant row isolation            │
   └────────────────────────────────────────┘
            │
            ├──── Layer 1 ────► api.anthropic.com
            │     Full alert text. Triage agent reasoning.
            │     Zero Data Retention enabled (in flight).
            │
            ├──── Layer 2 ────► api.abuseipdb.com  (IPs only)
            │                  www.virustotal.com (hashes / domains / IPs only)
            │     One indicator at a time, no surrounding context,
            │     LOOKUP-only — never submission.
            │
            └──── Layer 3 ────► (stays local)
                  MITRE ATT&CK mapping, knowledge base, asset registry,
                  block / exclusion lists, audit log, final report.
                  Never leaves SyberOps.
Layer 1 · Anthropic Claude
Receives the full alert text. Used by the 6-agent triage pipeline. Contractually not used for training; Zero Data Retention enablement is in flight with Anthropic Sales.
Layer 2 · Threat-intel lookup APIs
AbuseIPDB and VirusTotal see one IOC at a time via read-only lookup endpoints — they have no idea which alert or customer generated the query.
Layer 3 · Stays inside SyberOps
MITRE ATT&CK reference, customer-specific knowledge base, asset registry, block / exclusion lists, audit log, final report — never transmitted outside our boundary.

For customers who can't have ANY alert text touch external infrastructure: the Sovereign and Air-gap tiers below route Claude calls through the customer's own Anthropic account or replace Anthropic with a local LLM.

03 Subprocessors

Third parties that process customer data on our behalf. Each is bound by a data-processing agreement. New subprocessors are announced 30 days in advance via this page.

Vendor Data processed Region Certifications
AnthropicLLM inference (Claude) Alert text, agent reasoning US (multi-region) SOC 2 Type II · ZDR available · BAA available
AbuseIPDBIP reputation lookups Individual IP addresses US Lookup-only API · no PII transmitted
VirusTotal (Google)Hash / domain / IP reputation Individual hashes, domains, IPs Global (Google Cloud) SOC 2 / ISO 27001 (Google) · lookup-only
RailwayBackend compute hosting Application runtime; alert text in-memory only US-West SOC 2 Type II
NeonPostgres (jobs, reports, audit log) Triage reports, audit events US-East (default; EU-West / APAC on request) SOC 2 Type II · GDPR · encryption at rest
NetlifyFrontend CDN Static assets (no customer data) Global edge SOC 2 Type II · ISO 27001
ResendTransactional email (OTP) Analyst email addresses, 6-digit OTP codes US SOC 2 · GDPR-compliant
GitHubSource code repository (private) None (source only) Global SOC 2 Type II · ISO 27001 · FedRAMP Moderate

04 Deployment tiers

Four deployment models depending on how sensitive your alerts are. Most agentic SOC vendors offer only Standard; SyberOps lets you choose the data-residency posture that fits your risk profile.

Tier 2 Privacy Standard, plus a PII redaction layer that masks emails, internal hostnames, usernames and configurable fields before alert text reaches Anthropic. Best for: healthcare, financial services, EU customers, anyone signing a BAA or DPA. Phase 1 — Q3 2026
Tier 3 Sovereign Customer brings their own Anthropic API key. Every Claude call routes through your Anthropic account, your billing, your ZDR setting. Our infrastructure never sees your Anthropic invoice. Best for: government, defense, large enterprise CISO requirements. Phase 2 — Q4 2026
Tier 4 Air-gap No external APIs. SyberOps deployed in your VPC. Local LLM (Llama 3.1 70B or comparable) replaces Claude. Full sovereignty; some loss in verdict quality. Best for: classified workloads, intelligence community, certain defense primes. Phase 3 — Q1 2027

05 Security controls

Technical and organisational controls in place today across the platform.

A
Authentication
Email-based OTP + HS256 JWT for analyst sessions. Programmatic access via scoped API keys (X-Api-Key) with per-tenant labels. SAML SSO + SCIM on roadmap.
T
Transport security
TLS 1.3 end-to-end. HSTS enforced. WebSocket connections use wss://. No plaintext traffic anywhere.
R
Encryption at rest
Postgres on Neon with AES-256 at rest. Daily encrypted backups with 7-day point-in-time recovery (30 days on paid tier). Secrets in Railway environment variables, never in code.
I
Tenant isolation
Per-tenant row-level filters enforced in every database query. Knowledge base + asset registry + block lists scoped per tenant. No cross-tenant JOIN paths.
P
Prompt-injection defence
Alert text wrapped in <alert> tags; system prompt explicitly instructs the model to treat the content as data, never as instructions. Multi-layer agent design isolates parsing from decision-making.
L
Audit log
Server-side append-only log of every analyst action (approve, escalate, mark FP, comment) and every outbound third-party API call. Customer-accessible via the Compliance dashboard.
K
Secret management
Per-tenant secrets (Jira PATs, webhook HMAC secrets) stored as Railway environment variables, never in the database. 90-day rotation policy. Pre-commit secret scanning via GitGuardian.
D
DDoS & abuse
Cloudflare in front of all public endpoints. Per-IP rate limits on auth + webhook routes. Per-tenant rate limits on triage volume to prevent cost-shape abuse.

06 Customer-side controls

Knobs you control on your own tenant — no support ticket required.

  • Block list & exclusion list per tenant. Mark known-bad indicators as TP signal and known-good indicators as FP signal. Edits take effect on the next triage.
  • Asset registry. Mark hosts as environment: prod / test / dev and criticality: critical / high / medium / low. The agent down-weights severity for confirmed TPs on test hosts and up-weights for crown-jewel assets.
  • External-intel kill switch. Disable AbuseIPDB and VirusTotal calls entirely if you can't have IOCs leave your boundary. Agents fall back to MITRE-only + tenant knowledge base.
  • PII redaction tier. Off, partial, or full. Configurable per tenant. Full redaction masks emails, internal hostnames, usernames, IPs, credit cards, AWS access keys, JWTs in stack traces, before alert text reaches the LLM.
  • BYO Anthropic key. Plug in your own Anthropic workspace key — every Claude call for your tenant flows through your account, your ZDR setting, your billing relationship. (Phase 2)
  • Data export. JSON export of all triage reports, audit events, and tenant configuration via GET /api/v1/export. Available at any time.
  • Data deletion. Hard-delete via support request within 30 days of contract termination. Audit log retained per regulatory minimum, then destroyed.
  • Customer audit access. See every time a SyberOps engineer accessed your tenant data. Logged automatically; exposed in the Compliance dashboard.

07 Compliance roadmap

Honest status of each compliance commitment. We don't claim certifications we don't hold. Items marked "in flight" have an active engagement; items marked "planned" have a target quarter but no work started yet.

SOC 2 Type I
Audit kickoff scheduled for Q3 2026 with Vanta. Type II observation window begins post-Type-I.
Q3 2026
SOC 2 Type II
Six-month observation window post-Type-I. Report available to customers under NDA from Q2 2027.
Q2 2027
Anthropic ZDR
Sales-team enablement request submitted to Anthropic on 13 June 2026. Awaiting Enterprise tier provisioning. Required for HIPAA BAA + GDPR DPA we sign with customers.
In flight
GDPR — DPA template
Standard Contractual Clauses + SyberOps-specific data-processing addendum. In drafting with privacy counsel.
In flight
HIPAA BAA
Gated on the PII redaction layer (Phase 1, Q3 2026). Available to healthcare-adjacent customers thereafter.
Q3 2026
ISO 27001
Stage-1 audit targeted for Q3 2027 once SOC 2 Type II is in hand.
Q3 2027
Penetration test
Annual cadence starting Q4 2026 with a reputable firm (Trail of Bits / NCC Group / Cure53). Summary report available to customers under NDA.
Q4 2026
Bug bounty programme
Public programme on Intigriti / HackerOne post-SOC-2-Type-I.
Q3 2026

08 Vulnerability disclosure

If you believe you've found a security issue in SyberOps, please email security@syberops.com. Our PGP key fingerprint is available on request.

We commit to:

  • Acknowledging your report within 24 hours.
  • Providing an initial assessment within 72 hours.
  • Resolving high- and critical-severity findings within 14 days.
  • Crediting you publicly once the fix ships (with your permission).
  • Not pursuing legal action against good-faith research that follows responsible disclosure.

Please give us a reasonable window to remediate before public disclosure.

09 Contact

For customers under contract, your Customer Success contact is the fastest path for any of the above.

01 What it does

The SyberOps Threat Hunting Platform is a multi-tenant hunting workspace. Analysts turn any IOC, IOA, MITRE ATT&CK technique, or free-text hypothesis into native detection queries, fan them across each client's connected SIEM/EDR tools, and get an aggregated, reputation-enriched read-out with known threat-intel matches — backed by an append-only audit trail. It applies the same data-minimisation and tenant-isolation principles as the triage Agent.

  Indicator / Hypothesis  ─►  Classify  ─►  Generate per-tool queries
                                                      │
                                                      ▼
                                   Fan out  (client × tool, concurrent)
                                                      │
                                                      ▼
                                   Aggregate  ─►  Optional AI assessment
                                                      │
                                                      ▼
                                          Export (CSV / Excel)  ·  Audit

Supported tools today: Microsoft Sentinel, Microsoft Defender for Endpoint, Splunk, Securonix, SentinelOne, Wazuh, Rapid7 InsightIDR, and Seceon. Analysts can also start from a curated library of MITRE ATT&CK-mapped hypotheses, upload a CSV/Excel of indicators for a bulk hunt, and enrich every finding with reputation from VirusTotal and AbuseIPDB. Curated threat intel is ingested from abuse.ch (ThreatFox / URLhaus / MalwareBazaar) and vetted security-research feeds for analyst review before any hunt.

02 Where your data goes

A hunt talks to your connected tools within a single client tenant and enriches findings from lookup-only intel and reputation services (queried by indicator value only). The AI layer is used solely to draft hunt hypotheses from public threat intelligence — it never receives customer results. Raw event rows never leave the platform.

     Analyst: indicator / hypothesis
            │
            ▼
   ┌────────────────────────────────────────┐
   │   Hunting backend (stateless workers)   │
   │   • FastAPI · bounded concurrency gate  │
   │   • Postgres — RBAC, encrypted creds,   │
   │     threat-intel store, audit log       │
   │   • per-tenant client scoping           │
   └────────────────────────────────────────┘
            │
            ├──── Connected tools ──► Sentinel · Defender · Splunk · Securonix ·
            │        SentinelOne · Wazuh · Rapid7 · Seceon  (least-privilege API
            │        creds, TLS-verified, one client tenant at a time)
            │
            ├──── Threat intel ─────► abuse.ch (ThreatFox / URLhaus / MalwareBazaar) +
            │        security-research feeds  — lookup / ingest only
            │
            ├──── Reputation ───────► VirusTotal · AbuseIPDB
            │        Queried by indicator value only (an IP / domain / hash) —
            │        no customer event data is ever sent.
            │
            └──── AI (hypotheses) ──► api.anthropic.com  (optional)
                     Used ONLY to draft hunt hypotheses from PUBLIC threat intel +
                     MITRE. It never receives client results, logs, hosts, or creds.
Result data stays inside SyberOps
Raw hunt result rows are never persisted in the audit log and never sent to the LLM. The audit trail keeps query metadata, counts, and status only.
Tenant-scoped connectors
Each hunt runs against a single client's connected tools using least-privilege, read-only credentials that are encrypted at rest and never returned by any API.
AI drafts hypotheses only
The optional AI layer drafts hunt hypotheses from public threat intel and MITRE ATT&CK — it never receives client results, logs, hosts, or credentials. The hunt read-out itself is produced by a deterministic on-platform heuristic.

03 Architecture & components

Stateless API, isolated per-instance workers, encrypted secrets at rest, and pluggable tool adapters. Nothing sensitive is hard-coded — all credentials come from the environment or the encrypted connection store.

API & orchestration
Python · FastAPI · Uvicorn (ASGI). Concurrent hunt fan-out with a bounded thread pool and a global concurrency gate.
Data & audit
PostgreSQL via SQLAlchemy. Users, RBAC, tenants, encrypted tool connections, threat-intel store, and an append-only audit log.
Identity
Password + TOTP MFA, or enterprise SSO via OpenID Connect (Authlib) — Entra ID, Okta, Google, Auth0.
Secrets at rest
Tool credentials encrypted with Fernet (AES-128-CBC + HMAC) before storage; keys sourced from a dedicated data-encryption key.
Tool adapters
Sentinel, Defender for Endpoint, Splunk, Securonix, SentinelOne, Wazuh, Rapid7 InsightIDR, Seceon — each isolated behind a common adapter contract.
Threat intel, reputation & AI
abuse.ch (ThreatFox / URLhaus / MalwareBazaar) + security-research feeds with context, plus VirusTotal / AbuseIPDB reputation (queried by indicator value only). Optional Claude layer drafts hypotheses from public intel — never customer results.
Deployment
Docker (non-root container, uid 10001), TLS terminated at the edge, HSTS + strict CSP, env-injected secrets, stateless workers.
Data residency
Postgres hosted in your chosen region; result rows are transient and processed in-memory, not persisted beyond the returned report.

04 Security controls

Technical controls in place today, verified in a security review of the platform.

A
Authentication & MFA
Password + TOTP multi-factor, or enterprise SSO via OpenID Connect (Entra ID, Okta, Google, Auth0). Admins can mandate MFA and force first-login enrollment.
S
Signed sessions
HMAC-SHA256 signed, HttpOnly · Secure · SameSite cookies with a bounded TTL. The signing key is required in production — the service fails closed if it is missing.
I
RBAC & tenant isolation
Super-admin / admin / analyst roles, plus scoped client-tenant logins. Analysts and tenants are limited to assigned clients under a default-deny model — no client access until explicitly granted.
Q
Injection defence
Indicator values are sanitised before entering generated queries; lookback windows and email recipients are strictly validated; exports are hardened against CSV/formula injection.
K
Encrypted tool credentials
SIEM/EDR connection secrets are encrypted with Fernet (AES-128-CBC + HMAC) before storage, sourced from a dedicated data-encryption key, and never displayed again after entry.
B
Brute-force & abuse limits
Dedicated rate limiting on every login/MFA endpoint (keyed by IP and account), per-identity request throttling, a global hunt-concurrency cap, and upload size limits.
L
Admin-only audit log
Append-only record of every hunt, export, sign-in, and admin action, visible to admins only. Immutable by design (INSERT/SELECT only).
H
Hardened delivery
Non-root container (uid 10001), strict Content-Security-Policy, HSTS, X-Frame-Options DENY, nosniff, and an explicit CORS origin allow-list.

05 Data handling

What the hunting platform stores, what it deliberately does not, and the boundary around the optional AI layer.

What we store
Accounts, roles, tenant assignments, encrypted tool credentials, curated threat indicators (with a short-lived reputation cache), the MITRE hypothesis library, and audit metadata.
What we don't store
Raw hunt result rows are not persisted in the audit log — only counts, status, and query metadata, to minimise exposure of customer data.
AI boundary
The optional AI layer is used only to draft hunt hypotheses from public threat intel and MITRE ATT&CK. It never receives customer results, logs, hosts, or credentials. Reputation lookups send only the indicator value (an IP / domain / hash) to VirusTotal / AbuseIPDB.

06 Disclosure & contact

A full security review of the hunting platform (findings and remediations) is available to customers under NDA. To request it, report a vulnerability, or ask a security question, use the same channels as the triage platform:

We acknowledge reports within 24 hours and resolve high- and critical-severity findings within 14 days.

© 2026 SyberOps. This page is informational; the controlling agreements are the ones in your signed contract with SyberOps.
syberops.com · agent.syberops.com