Security at TLINK PRO

All data transmitted between your browser, our API, and internal services is encrypted using TLS 1.2 or higher. We enforce HSTS and reject connections from clients that do not support modern cipher suites.

Data at rest — including relational database contents, object storage (S3), and backup snapshots — is encrypted with AES-256. Encryption keys are managed via AWS KMS with automatic annual rotation.

TLINK PRO is hosted entirely on Amazon Web Services (AWS). We operate within a private VPC with strict security-group rules; no production service is directly internet-accessible except through a hardened load-balancer tier.

Each customer's monitoring data is logically isolated in separate namespaces and database schemas. We apply OS and runtime security patches within 72 hours of a critical CVE disclosure and run automated patch compliance checks daily.

TLINK PRO supports role-based access control (RBAC) with three roles: Owner, Admin, and Analyst. Each role has clearly scoped permissions documented in the platform help center.

API keys are displayed only once at creation and stored as SHA-256 hashes — we cannot recover a plaintext key after creation. Two-factor authentication (2FA) via TOTP authenticator apps is supported and strongly recommended for all accounts. Admins can enforce 2FA organization-wide.

Every authenticated action on the platform — API calls, configuration changes, user invitations, data exports, and login events — is written to an immutable audit log. Logs are retained for 90 days and are accessible to account Owners and Admins in the platform UI.

Our internal infrastructure is monitored with anomaly-detection rules that alert our security team to unusual access patterns, privilege escalation attempts, and data-volume spikes. Security events trigger PagerDuty alerts for immediate triage.

We run automated dependency vulnerability scanning on every build using tooling that checks against the National Vulnerability Database (NVD) and GitHub Advisory Database. Critical and high-severity findings block deployments until resolved.

We welcome responsible disclosure from the security community. If you discover a vulnerability in TLINK PRO, please report it to security@admiresty.co. We commit to acknowledging all reports within 48 hours and resolving critical issues within 7 days.

We maintain a documented incident-response plan with defined severity levels, escalation paths, and communication procedures. A dedicated on-call security rotation ensures rapid response at any hour.

In the event of a confirmed data breach that affects customer data, we will notify affected customers within 24 hours of confirming the scope, consistent with GDPR Article 33 and applicable breach-notification laws. Notifications will include the nature of the incident, what data was affected, and steps we are taking to remediate.

Access to production systems by Admiresty employees requires multi-factor authentication, is granted on a strict need-to-know basis, and is fully audit-logged. We do not grant engineers standing access to customer data; access to production databases requires an approved access request and is time-limited.

All employees with access to customer data complete security-awareness training at onboarding and annually thereafter, including secure coding practices, phishing recognition, and incident-reporting procedures.

We handle all customer data in accordance with the GDPR and CCPA. We are actively pursuing SOC 2 Type II certification; our controls audit is ongoing and we expect to complete the audit period in 2026.

Enterprise customers may request a copy of our security questionnaire responses, current pen-test executive summary, or our Data Processing Agreement (DPA). Contact us at security@admiresty.co or see our DPA page.