Security

Remote agents follow comprehensive security measures for protecting code and infrastructure.

Deployment Security

Network Isolation

• No ingress requirements for on-premise

• All outbound connections to GitHub

• Internal communication only

Authentication & Authorization

• GitHub App OAuth flow

• Role-based access control

• Session management

• API key rotation

Data Security

Code Handling

• Temporary storage only

• Encrypted at rest

• Secure deletion after use

• No persistent code storage

Audit Logging

• All actions logged

• Tamper-proof storage

• Retention policies

• Export capabilities

Compliance Features

Access Control

Role              Permissions
────              ───────────
Admin             Full system access
Developer         Runbook create/edit/execute
Reviewer          Read-only, PR approve
Auditor           Logs and reports only

Team Isolation

• Separate workspaces

• No cross-team visibility

• Independent resource allocation

• Isolated execution environments

Security Best Practices

1. Regular Updates

   • Keep agents updated

   • Patch dependencies

   • Update LLM models

2. Access Management

   • Principle of least privilege

   • Regular access reviews

   • MFA enforcement

3. Monitoring

   • Anomaly detection

   • Usage patterns

   • Failed authentication attempts

   • Resource consumption

4. Incident Response

   • Clear escalation procedures

   • Automated alerts

   • Rollback capabilities

   • Post-mortem process