Security Commitment
Last Updated 2025-11-12
Every user's sensitive information deserves proper protection. The following outlines AskCc's security practices.
1. Infrastructure Security
AskCc is deployed in multi-availability-zone cloud environments, with all services featuring auto-scaling and redundant backups to ensure stable operation during single-point failures.
We regularly perform penetration testing and vulnerability scanning, completing remediation within SLA timeframes based on CVSS ratings.
2. Application and Interfaces
Admin portals enforce MFA and fine-grained permission controls, while supporting enterprise SSO/SAML integration.
API calls require short-lived access tokens with minimum necessary permissions, which can be instantly revoked from the console.
3. Monitoring and Response
We monitor critical metrics and anomalous behavior in real-time. Upon detecting potential intrusion, abuse, or data leak risks, we immediately initiate emergency response procedures.
When a security incident affects you, we will notify designated contacts via in-product notifications or email as quickly as possible, along with remediation recommendations.
4. Customer Collaboration
Enterprise customers can request security assessment materials (such as penetration test reports, compliance certifications) and work with us to complete security hardening plans.
If you discover vulnerabilities or weaknesses, please report them to security@pyznai.com. We will fix confirmed issues promptly and acknowledge your contribution.
Security FAQ
Is AskCc data encrypted?
AskCc describes encrypted transport and encrypted storage as part of its security posture. The exact protection also depends on the product partition, configured cloud services, and the user account workflow in use.
Who can access production data?
AskCc limits production access to authorized operational needs such as support, reliability, abuse prevention, or legal compliance. Access should be role-based, logged where appropriate, and kept narrower than general product analytics.
What happens if there is a security incident?
AskCc investigates reported security events, works to contain and remediate confirmed issues, and notifies affected users or authorities when required by law, contract, or product policy.
How do I report a vulnerability or security concern?
Send details to support@pyznai.com, including affected pages, accounts, reproduction steps, and any evidence you can safely share. Avoid accessing other users' data or disrupting the service while reporting an issue.