Security Commitment
Last Updated 2025-11-12
Every user's sensitive information deserves proper protection. The following outlines AskCc's security practices.
1. Infrastructure Security
AskCc is deployed in multi-availability-zone cloud environments, with all services featuring auto-scaling and redundant backups to ensure stable operation during single-point failures.
We regularly perform penetration testing and vulnerability scanning, completing remediation within SLA timeframes based on CVSS ratings.
2. Application and Interfaces
Admin portals enforce MFA and fine-grained permission controls, while supporting enterprise SSO/SAML integration.
API calls require short-lived access tokens with minimum necessary permissions, which can be instantly revoked from the console.
3. Monitoring and Response
We monitor critical metrics and anomalous behavior in real-time. Upon detecting potential intrusion, abuse, or data leak risks, we immediately initiate emergency response procedures.
When a security incident affects you, we will notify designated contacts via in-product notifications or email as quickly as possible, along with remediation recommendations.
4. Customer Collaboration
Enterprise customers can request security assessment materials (such as penetration test reports, compliance certifications) and work with us to complete security hardening plans.
If you discover vulnerabilities or weaknesses, please report them to security@pyznai.com. We will fix confirmed issues promptly and acknowledge your contribution.