Security Policy
Effective Date: March 1, 2026
1. Infrastructure Security
Fimil is hosted on DigitalOcean Kubernetes with encrypted storage, network isolation, and automated security updates.
2. Code Scanning Isolation
All scanners run in ephemeral containers with no network access, strict resource limits, and read-only filesystem mounts. Your source code is never persisted after a scan completes.
3. Data Encryption
All data is encrypted in transit (TLS 1.3) and at rest (AES-256). Database connections use SSL.
4. Access Control
We enforce least-privilege access, multi-factor authentication for internal systems, and row-level tenant isolation in the database.
5. Vulnerability Reporting
If you discover a security vulnerability, please report it to security@fimil.dev. We aim to acknowledge reports within 24 hours and resolve critical issues within 72 hours.
6. Compliance
View our current compliance posture at the Fimil Trust Center.