Security Policy

IceCore.ai is committed to protecting the confidentiality, integrity, and availability of customer data through layered technical and organizational controls.

1. Data Protection

Data is encrypted in transit and at rest where supported by our providers. Access is restricted based on role and least-privilege principles.

2. Authentication and Access

We employ robust authentication, session management, and audit controls. Administrative access is protected by MFA and monitored.

3. Vulnerability Management

We regularly patch dependencies, monitor for vulnerabilities, and address issues based on severity and risk.

4. Incident Response

We maintain an incident response process to detect, contain, and remediate security events and to notify affected parties as required by law.

5. Compliance

We follow industry best practices and align with common standards relevant to our size and risk profile. Formal certifications may be pursued as we grow.

6. Contact

Report a security issue or contact us at security@icecore.ai.