Security

Overview

Codehawk is built to help teams during incidents, so security and tenant isolation are first-class design constraints.

If you've found a security issue, please email security@codehawk.orgwith an appropriate subject.

Tenant isolation

Signals are processed in a tenant-specific context. The signal-service is designed so each tenant's data is stored and queried within its own data store.

This model keeps the signal data layer simple and reduces the risk of cross-tenant access.

Transport security

• Encryption in transit (HTTPS/TLS) for the web app and APIs.
• For internal signal-service communication, mutual TLS (mTLS) is used to restrict who can connect.

Data retention & deletion

Retention is customer-driven. We can support tenant-specific retention periods, residency requirements, and self-hosted deployments where that fits your risk posture.

Security posture

We don't claim specific certifications on this page. If you need a security review, vendor questionnaire, or to discuss controls (SSO, SCIM, audit logs, IP allowlists), email us.