Security & Trust

SiskoAI is engineered from the ground up with security, reliability, and trust at its core. This page outlines our comprehensive approach to protecting data, systems, and users while maintaining transparency in our operations.

🔒

ENCRYPTED

✓

COMPLIANT

👁️

AUDITABLE

🚀

RELIABLE

🏗️ Security Architecture

Segregated Environments: Production and staging environments are completely isolated
Least-Privilege Access: All system access follows principle of minimum required permissions
Role-Based Permissions: Human agents have granular, auditable access controls
Immutable Audit Logs: All critical actions are logged and cannot be modified

🔐 Data Protection

Encryption in Transit: All data transmission uses TLS 1.2+ protocols
Encryption at Rest: Stored data is encrypted using industry-standard algorithms
Hashed Identifiers: Sensitive identifiers are tokenized and hashed
Secure Key Management: Cryptographic keys are rotated and stored securely

🤖 AI & Human Interaction Controls

Persona Isolation: AI personas are strictly enforced and isolated
Escalation Thresholds: Confidence-based triggers for human review
Human Review Gating: Critical decisions require human approval
AI Whisper Mode: AI provides suggestions without taking control

⚠️ Audit Protection: Human agents cannot silently impersonate AI without full audit visibility and logging.

🚫 Abuse Prevention

Rate Limiting: Per embed token and session rate limits prevent abuse
Email Cooldowns: Escalation requests have built-in cooldown periods
Prompt Injection Detection: Advanced filtering prevents malicious prompts
Anomaly Detection: Automated systems identify and flag suspicious behavior

📊 Monitoring & Incident Response

24/7 System Monitoring: Continuous monitoring of all critical systems
Security Alerts: Real-time alerting for security events
Incident Response Procedures: Documented and tested response protocols
Post-Incident Review: Comprehensive analysis and remediation after incidents

🤝 Third-Party Risk Management

SiskoAI relies on carefully vetted third-party providers for AI processing, payments, and infrastructure. All vendors undergo rigorous security and compliance reviews.

Security posture assessments for all critical vendors
Compliance verification and documentation
Regular vendor security reviews and audits
Contractual security requirements and SLAs

📋 Compliance Alignment

Aligned With Industry Standards

🇪🇺

GDPR Principles

🇺🇸

CCPA Requirements

🤖

AI Safety Standards

📊

SOC-Style Controls

🐛 Responsible Disclosure

Found a Security Vulnerability?

We take security seriously. If you believe you've discovered a security vulnerability, please report it responsibly to our security team.

security@amackmobile.com