Security & Privacy

• Privacy Mode is enabled by default across analyzer workflows.
• Sensitive indicators (IPs, emails, hostnames, URLs, secrets) can be redacted before any AI processing.
• Analysts remain in control of what is submitted, and may review redactions before sending data downstream.

• SecPilot uses AI to assist with incident reporting and phishing analysis.
• Results are intended to support, not replace, analyst judgment.
• AI outputs may contain inaccuracies, omissions, or misclassifications.
• Analyst review is recommended before acting on any AI output.

• Uploaded files and screenshots are used for static analysis only.
• SecPilot does not execute uploaded files.
• SecPilot does not automatically open suspicious links.
• No malware detonation or sandboxing occurs.

• Reports and uploaded artifacts are stored securely.
• Authentication is required to access saved reports.
• Users can delete saved reports and uploaded artifacts at any time.

• SecPilot may use third-party reputation services such as VirusTotal.
• Reputation checks are supplemental signals, not verdicts.
• Third-party services may process submitted indicators under their own terms.

• Secure authentication for all analyst accounts.
• Server-side API key handling — keys never reach the browser.
• Protected backend functions with row-level access controls.
• Principle of least privilege across data access paths.
• Privacy-focused workflows from input to export.

• SecPilot is intended for defensive cybersecurity workflows.
• Users are responsible for lawful and ethical use of the platform and its outputs.

Questions about security or privacy practices? Contact the SecPilot team.