Security at 2ndOpinion

Your code is your most valuable asset. Here is how we protect it.

Data Encryption

  • In transit: All connections use TLS 1.3. API requests, webhook deliveries, and dashboard access are encrypted between your client and our edge; plaintext is never sent over the network.
  • At rest: Database storage uses AES-256 encryption via Neon PostgreSQL. Backups are encrypted with the same standard.

Authentication

  • Dual auth: A request may authenticate with either a JWT or an API key. The gateway checks the two credential types in a fixed order and accepts the first one that validates.
  • Password security: Passwords are hashed with bcrypt, which generates a per-password salt as part of the hash. We never store plaintext passwords.
  • Token rotation: Refresh tokens are rotated on each use, limiting the window for token theft.

Code Handling

  • Short-lived cache: Code diffs are cached for a maximum of 5 minutes for performance, then permanently deleted.
  • No permanent storage: We do not store your source code in our database. Request logs contain metadata only (timestamps, model, status) — not code content.
  • No training: Your code is never used to train or fine-tune any AI models by 2ndOpinion.

Infrastructure

  • Vercel: SOC 2 Type II compliant. Application hosted in the Portland (pdx1) region.
  • Neon: SOC 2 compliant PostgreSQL with automated backups and point-in-time recovery.
  • Stripe: PCI DSS Level 1 compliant. We never handle or store credit card numbers.

Rate Limiting & Abuse Prevention

  • API rate limits: 10 requests per minute per user to prevent abuse and ensure fair usage.
  • Auth protection: Brute-force protection on login and signup endpoints with progressive delays.
  • Credit system: Every request has a credit cost, providing a natural throttle against bulk abuse.
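The per-user request limit and the progressive delays on login described above are two different throttles: a sliding window that counts requests, and an exponential lockout that grows with each failed authentication and resets on success. The following is an added example, not 2ndOpinion's own gateway code; the in-memory structures, the class names, the three free attempts and the 1s/2s/4s... schedule capped at five minutes are assumptions chosen for illustration.

```python
import time
from collections import defaultdict, deque


class SlidingWindowLimiter:
    """At most `limit` requests per `window` seconds for each key (e.g. a user id)."""

    def __init__(self, limit: int = 10, window: float = 60.0):
        self.limit, self.window = limit, window
        self._hits: dict[str, deque] = defaultdict(deque)

    def allow(self, key: str, now=None):
        """Return (allowed, retry_after_seconds)."""
        now = time.time() if now is None else now
        q = self._hits[key]
        while q and q[0] <= now - self.window:   # drop timestamps that left the window
            q.popleft()
        if len(q) >= self.limit:
            return False, q[0] + self.window - now   # when the oldest hit expires
        q.append(now)
        return True, 0.0


class ProgressiveDelay:
    """Exponential lockout after repeated authentication failures on one key
    (for example account + source IP). The counter resets on a successful login."""

    def __init__(self, free_attempts: int = 3, base: float = 1.0, cap: float = 300.0):
        self.free_attempts, self.base, self.cap = free_attempts, base, cap
        self._failures: dict[str, int] = defaultdict(int)
        self._blocked_until: dict[str, float] = {}

    def wait_seconds(self, key: str, now: float) -> float:
        return max(0.0, self._blocked_until.get(key, 0.0) - now)

    def record_failure(self, key: str, now: float) -> float:
        """Count a failure and return the delay imposed by it (0 while within free attempts)."""
        self._failures[key] += 1
        over = self._failures[key] - self.free_attempts
        if over > 0:
            delay = min(self.cap, self.base * 2 ** (over - 1))   # 1, 2, 4, 8 ... up to cap
            self._blocked_until[key] = now + delay
            return delay
        return 0.0

    def record_success(self, key: str) -> None:
        self._failures.pop(key, None)
        self._blocked_until.pop(key, None)


def attempt_login(guard: ProgressiveDelay, key: str, password_ok: bool, now: float):
    """Gate one login attempt. Returns ('retry', wait), ('denied', delay) or ('ok', 0.0)."""
    wait = guard.wait_seconds(key, now)
    if wait > 0:
        return "retry", wait                 # refuse before touching the password check
    if not password_ok:
        return "denied", guard.record_failure(key, now)
    guard.record_success(key)
    return "ok", 0.0


if __name__ == "__main__":
    limiter = SlidingWindowLimiter(limit=10, window=60.0)
    for i in range(11):
        print(i + 1, limiter.allow("user-1", now=float(i)))   # 11th call is refused

    guard = ProgressiveDelay()
    key = "alice@203.0.113.7"                # constructed sample key: account + client IP
    for t in (0.0, 1.0, 2.0, 3.0, 3.5, 4.0):
        print(t, attempt_login(guard, key, password_ok=False, now=t))
```

Keying the lockout on account plus source address, rather than on the account alone, keeps an attacker from locking a victim out by deliberately failing logins against their address; a deployment would additionally cap attempts per address across all accounts to catch password spraying.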

API Key Security

  • SHA-256 hashed: API keys are hashed before storage. We never store the plaintext key after initial generation. Because a key is a long random value rather than a human-chosen password, a fast hash such as SHA-256 is appropriate here; brute-forcing the key space is infeasible regardless of hash speed.
  • Scoped permissions: Keys can be scoped to specific operations and marked as sandbox (no credit cost) for testing.
  • Instant revocation: Revoke compromised keys immediately from your dashboard. Revoked keys are rejected on the next request.
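The three properties above (hash at rest, scopes plus a sandbox flag, immediate revocation) fit together in one lookup path. The following is an added example and not 2ndOpinion's own implementation; the `so_<id>_<secret>` key format, the `ApiKeyStore` class and the in-memory dictionary are assumptions made so that the example runs stand-alone.

```python
import hashlib
import hmac
import secrets
from dataclasses import dataclass

PREFIX = "so"   # hypothetical key prefix; the real key format is not shown on the page


@dataclass
class KeyRecord:
    key_hash: str            # SHA-256 hex of the full key; the key itself is never stored
    user_id: str
    scopes: frozenset        # operations this key is allowed to call
    sandbox: bool            # sandbox keys are accepted but not charged credits
    revoked: bool = False


def _sha256(s: str) -> str:
    return hashlib.sha256(s.encode()).hexdigest()


class ApiKeyStore:
    """Hashed-at-rest API keys with scopes, a sandbox flag and revocation (in-memory)."""

    def __init__(self):
        self._by_id: dict[str, KeyRecord] = {}

    def create(self, user_id: str, scopes, sandbox: bool = False) -> str:
        key_id = secrets.token_hex(6)        # public lookup handle, not secret
        secret = secrets.token_hex(32)       # 256 bits of entropy
        full_key = f"{PREFIX}_{key_id}_{secret}"
        self._by_id[key_id] = KeyRecord(_sha256(full_key), user_id, frozenset(scopes), sandbox)
        return full_key                      # shown to the user once; only its hash is kept

    def revoke(self, full_key_or_id: str) -> None:
        """Revoke by full key or by its public id; takes effect on the next request."""
        key_id = full_key_or_id.split("_")[1] if "_" in full_key_or_id else full_key_or_id
        self._by_id[key_id].revoked = True

    def authenticate(self, presented: str, required_scope: str):
        """Return (user_id, charge_credits) or raise PermissionError."""
        parts = presented.split("_")
        if len(parts) != 3 or parts[0] != PREFIX:
            raise PermissionError("malformed key")
        rec = self._by_id.get(parts[1])
        # Compare against a dummy hash when the id is unknown so that response
        # timing does not reveal which ids exist.
        expected = rec.key_hash if rec else _sha256("")
        if not hmac.compare_digest(expected, _sha256(presented)) or rec is None:
            raise PermissionError("invalid key")
        if rec.revoked:
            raise PermissionError("key revoked")
        if required_scope not in rec.scopes:
            raise PermissionError(f"key lacks scope {required_scope!r}")
        return rec.user_id, not rec.sandbox


if __name__ == "__main__":
    store = ApiKeyStore()
    key = store.create("user-1", ["review"], sandbox=True)
    print("issued once:", key)
    print("authenticated:", store.authenticate(key, "review"))   # ('user-1', False): no charge
    store.revoke(key)
    try:
        store.authenticate(key, "review")
    except PermissionError as e:
        print("after revoke:", e)
```

Hashing the full key (including its public id) means a stolen database row cannot be turned back into a usable credential, while the unhashed id still allows an O(1) lookup instead of scanning every stored hash.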

Monitoring & Logging

  • Health checks: Automated health checks every 5 minutes for all LLM providers and core infrastructure.
  • Error logging: All errors are logged with full context for rapid incident response.
  • Log retention: System logs are retained for 7 days, request logs for 30 days, then automatically purged by scheduled cron jobs.

Responsible Disclosure

If you discover a security vulnerability in the 2ndOpinion platform, we ask that you report it responsibly. Please email security@get2ndopinion.dev with details of the vulnerability.

  • Response time: We will acknowledge your report within 48 hours.
  • No retaliation: We will not take legal action against good-faith security researchers.
  • Coordination: We will work with you to understand the issue and coordinate a fix before public disclosure.

LLM provider data handling

When you run an analysis, your code diff is sent to the LLM provider you select. Here is how each provider handles your data.


Anthropic (Claude)

API inputs are not used for training. Data is processed and discarded. Enterprise-grade data handling.


OpenAI (Codex)

API data is not used for training by default. Retained for up to 30 days for abuse monitoring, then deleted.


Google (Gemini)

Paid API usage is not used for model training. Data is processed per Google Cloud's data processing terms.

Have security questions?

Reach out to our security team. We are happy to discuss our practices in detail.
