Security
Your infra data
stays yours.
ServerConfigs is built for teams who can't afford a security incident. We apply the same rigour to protecting your infrastructure data that you apply to your infrastructure itself.
Security controls
Read-only access
ServerConfigs never modifies your infrastructure. All integrations operate with the minimum permissions necessary to read live state — no write, no delete, no execute.
Encryption at rest and in transit
All data is encrypted with AES-256 at rest. All communication uses TLS 1.3. Encryption keys are rotated automatically and managed by AWS KMS.
No data retention by default
Query responses are ephemeral by default. We do not store your infrastructure state beyond the session unless you explicitly enable workspace memory.
SSO & SAML 2.0
Authenticate via your existing identity provider. We support Okta, Google Workspace, Microsoft Entra, and any SAML 2.0-compliant provider.
Role-based access control
Scope what each team member can query. Engineers can be restricted to their own accounts, regions, or resource types — with full audit logging.
SOC 2 Type II
ServerConfigs is SOC 2 Type II certified. Our latest report is available to enterprise customers under NDA.
Security practices
Security contact
To report a vulnerability, request our SOC 2 report, or discuss enterprise security requirements, reach us directly.
[email protected]