Security and trust
We build products that interact with customer infrastructure. That responsibility shapes every technical decision we make.
Security principles
Minimal privilege by default
Our products request the smallest possible set of permissions needed to function. If read-only access is sufficient, we never request write access.
Customer-controlled access
All access credentials are managed and revocable by the customer. We never store credentials that cannot be independently rotated or revoked.
Transparency
We document exactly what permissions each product requires, what data is accessed, and how it is processed. No hidden data collection.
Defence in depth
We apply security controls at multiple layers. No single control failure should compromise customer data.
Infrastructure security
Our products are hosted on major cloud providers with industry-standard security controls:
- Encrypted data at rest and in transit
- Network isolation between customer environments
- Automated vulnerability scanning
- Regular dependency updates and security patching
- Structured logging and audit trails
Responsible disclosure
If you believe you have found a security vulnerability in any Latent Search product, we encourage responsible disclosure.
Please contact us at security@latentsearch.io with details of the vulnerability. We will acknowledge receipt within 48 hours and work with you to understand and resolve the issue.