Security Policy
Last Updated: January 24, 2026
1. Our Security Commitment
Hirnex is designed to govern the critical operations of IT service companies. We understand that the integrity, confidentiality, and availability of your data are paramount. This Security Policy details the technical and organizational measures we implement to protect your information.
Defense in Depth
Multi-layered security controls across our infrastructure, application, and data layers.
Encryption Everywhere
Data is encrypted at rest and in transit using industry-standard protocols.
Resilient Infrastructure
Hosted on top-tier cloud providers with redundancy and automated failover.
Audit Trails
Immutable logging of all critical system actions via our Trust Ledger.
2. Infrastructure Security
Hirnex hosts its application and data in secure data centers provided by AWS and Vercel. These providers maintain certifications including SOC 2 Type II, ISO 27001, and PCI-DSS.
- Physical Access: Access to physical data centers is strictly controlled by biometric authentication and 24/7 surveillance.
- Network Security: We employ firewalls, intrusion detection systems, and VPC isolation to prevent unauthorized network access.
- DDoS Protection: Automated mitigation systems protect against volumetric and application-layer attacks.
3. Data Protection
Encryption at Rest
All user data stored in our databases is encrypted at rest using AES-256. This ensures that even in the unlikely event of physical disk theft, the data remains unreadable.
Encryption in Transit
Data transmitted between your browser and our servers is encrypted using TLS 1.2 or higher. We prioritize strong cipher suites and support HSTS (HTTP Strict Transport Security).
4. Application Security
- Authentication: We use secure, token-based authentication mechanisms. Passwords are never stored in plain text; they are hashed and salted using bcrypt or Argon2.
- Access Control: Role-Based Access Control (RBAC) enforces strict permission boundaries. Tenants are logically isolated to prevent data leakage.
- Input Validation: All user inputs are sanitized and validated to prevent injection attacks (SQLi, XSS).
5. The Trust Ledger
A core feature of Hirnex is the "Trust Ledger," an immutable, append-only log of all governance decisions. It provides a cryptographic-like assurance of audit history, ensuring that decision records cannot be tampered with retroactively. The Trust Ledger serves as both a feature and a security control for data integrity.
6. Incident Response
We have a comprehensive Incident Response Plan in place to handle security events. In the event of a data breach, we are committed to:
- Promptly investigating and containing the breach.
- Notifying affected users within 72 hours of confirmation.
- Providing transparent updates and remediation steps.
7. Vulnerability Reporting
We value the contributions of the security research community. If you discover a vulnerability in Hirnex, please conduct yourself in accordance with our Responsible Disclosure principles:
- Do not exploit the vulnerability to view or manipulate user data.
- Report the issue immediately to security@hirnex.com.
- Allow us reasonable time to fix the issue before public disclosure.