Skip to content

Trust & security

Security at Sensorix

Sensorix was built by a security operator, for security teams. We hold our own systems to the standard we promise our customers — and we tell you plainly what is in place today versus what is on the roadmap.

Last updated June 15, 2026

Security isn’t a feature bolted onto Sensorix — it is the reason the company exists. Our copilots are designed to take recurring security work off your team without handing autonomous systems the keys to your environment. The principles below describe how we approach that.

Core principles

  • Least privilege. Copilots request the narrowest scope needed for the job, and use read-only access wherever the work allows it.
  • Scoped connectors. Integrations are limited to specific systems and permissions you approve, not blanket access to your stack.
  • Human in the loop. Nothing sensitive or destructive executes without explicit human approval. Copilots prepare the work; your team makes the call.
  • Full audit logging. Every action a copilot takes is logged, so there is always a clear, reviewable record of what happened and why.
  • No training on your data. We do not use your data to train models, and we never sell it.
  • Encryption in transit. Traffic to and from the Site and our services is encrypted using industry-standard TLS.

Compliance & frameworks

Our copilots are built to help you maintain programs such as SOC 2, ISO 27001, HIPAA, CMMC, and NIST — collecting evidence, mapping controls, and keeping them audit-ready between cycles.

Sensorix is early by design. Rather than imply certifications we do not yet hold, we will publish formal attestations and reports here as we complete them. If your procurement process needs specific documentation today, talk to us and we will tell you exactly where we stand.

Data handling

How we collect and process information on this website, in our AI assistant, and on behalf of customers is described in our Privacy Policy. In short: we minimize what we collect, scope access tightly, log actions, and keep humans in control of anything consequential.

Responsible disclosure

We welcome reports from security researchers. If you believe you have found a vulnerability in our website or services, please tell us before disclosing it publicly, and give us a reasonable chance to investigate and fix it.

How to report

Email info@sensorix-ai.com with the subject line “Security report.” Please include:

  • A clear description of the issue and where you found it.
  • Steps to reproduce it, including any proof-of-concept.
  • The potential impact as you see it.

Good-faith safe harbor

We will not pursue or support legal action against researchers who, in good faith, follow this policy. To stay within it, please:

  • Only test against your own accounts or data — never access, modify, or delete data that isn’t yours.
  • Avoid privacy violations, service degradation, and any denial-of-service testing.
  • Give us reasonable time to remediate before any public disclosure.

Contact

For anything security-related, reach us at info@sensorix-ai.com.

Questions about this page? Get in touch.