Node8
Contact

Security

Last updated: March 30, 2026

1. Security Program

Node8 applies layered technical and organizational controls designed to protect confidentiality, integrity, and availability of systems and data.

2. Infrastructure and Access Controls

  • Encryption in transit and, where applicable, encryption at rest.
  • Role-based access control and least-privilege principles.
  • Multi-factor authentication for administrative or sensitive access paths.
  • Network segmentation and hardened service configurations where applicable.

3. Monitoring and Vulnerability Management

  • Continuous monitoring, logging, and alerting for suspicious activity.
  • Routine vulnerability scanning and prioritized remediation workflows.
  • Security updates and patch management practices for supported systems.
  • Periodic review of dependencies and third-party components.

4. Operational Security Practices

  • Security awareness practices for team members and contractors.
  • Change management and peer review for critical system updates.
  • Data handling procedures that limit access to authorized personnel.
  • Vendor and third-party risk review where external tools are used.

5. Incident Response

We maintain incident response practices to identify, contain, investigate, and remediate security events, with communication handled based on severity and legal obligations.

6. Shared Responsibility

Customers and users are responsible for protecting credentials, securing endpoint devices, and configuring access permissions appropriately within their own environments.

7. Reporting Security Issues

If you identify a potential security issue, contact us promptly at team@node8.ai with reproduction steps, impact details, and relevant logs.