SECURITY

Heplon connects to your live platform, so where your data lives and what our agents can touch matters. Here is how both work.

WHERE YOUR DATA LIVES

Data from your connected systems is processed by Heplon. You choose where that happens.

DEFAULT

We host it for you

  • A single-tenant AWS environment, dedicated to you, that you get access to.
  • We connect to your services over public endpoints, AWS Direct Connect or the Heplon proxy.
  • Heplon only connects to systems you have set up a connection for.
  • Your data is only ever stored or processed inside AWS.

OPTIONAL

You host it yourself

  • If you need to keep everything in-house, we support a fully self-hosted deployment.
  • None of your data leaves your own infrastructure.
  • This is a higher-touch setup. We work with you directly to make sure it fits your environment and you get a good experience.

DATA HANDLING

Your code

  • We do not retain a copy of your source code. When an agent needs it, your code is checked out transiently into an isolated sandbox in your single-tenant AWS environment, and the sandbox is destroyed after the run.
  • To power Heplon, we build and store a knowledge graph derived from your repositories: a structural map of your components and how they interact. It lives in your single-tenant AWS environment.
  • The graph may include identifiers and signatures from your code, but not full source files.

Logs and telemetry

  • We store operational logs for 90 days to run, secure, and troubleshoot the service.
  • After 90 days, logs are deleted or de-identified.
  • Like everything else, logs stay inside your AWS environment.

AI processing

  • We run our models through Amazon Bedrock, inside the same AWS environment as the rest of your deployment.
  • Your data does not hit an external LLM provider’s infrastructure.
  • We do not train on your data.

PERMISSION MODEL

Heplon never gets blanket access to your systems. Everything is scoped to roles you define, and agents inherit only what a role is allowed to see.

You define the roles.

Set up or import roles such as developer or platform engineer. For each role you choose which live systems and docs it can reach. Different roles can see different systems and authenticate in different ways.

You choose how each connection authenticates.

For every connection on a role, pick one of:

  • A dedicated service account.
  • Inherit the user’s own permissions via OAuth.

How agents use those roles

Troubleshooting

Heplon acts under the role of the user who triggered it. It can only see the knowledge and live state exposed by the connections set up for that role. The agent runs in a sandbox that holds only those credentials.

Code review

Works exactly like troubleshooting. The agent runs as the triggering user’s role, in a sandbox limited to that role’s connections and credentials.

Platform insights and improvements

You choose which of your roles power this feature. The agents that generate insights can only access what those roles can access, nothing more.

INFRASTRUCTURE AND SUBPROCESSORS

AWS is our only data processing subprocessor.

Heplon runs entirely on AWS. Your data is stored and processed inside a single-tenant AWS environment, and model inference runs on Amazon Bedrock within that same environment.

We do not hand your data to any other third-party processor.

HOW WE OPERATE

Encryption

  • In transit: TLS 1.3 for data moving between clients, the service, and connected systems.
  • At rest: AES-256 encryption for stored data.

Access control

  • Access to production systems is limited to authorized personnel with a business need.
  • We apply least-privilege access and review it periodically.
  • Administrative access requires strong authentication.
  • We keep immutable audit logs of access and key actions for security analysis.

Secure development

  • Code review and change controls.
  • Dependency and vulnerability scanning.
  • Separate dev, staging, and production environments.
  • Security testing and periodic assessments.

INCIDENT RESPONSE AND RESILIENCE

Incident response

We maintain an incident response process to investigate, contain, remediate, and communicate security events.

Customer notifications

If we confirm a security incident affecting your data, we will notify you consistent with our contractual and legal obligations.

Backups and recovery

We maintain backups to support service continuity and disaster recovery. Data deleted from active systems may remain in backups until the backup retention period expires.

YOUR RESPONSIBILITIES

Security is shared. To keep your deployment safe, we ask that you:

  • Use strong authentication and enforce MFA where possible.
  • Manage access with least privilege and remove inactive accounts promptly.
  • Avoid putting secrets in any text inputs, logs, or prompts submitted to the service.

COMPLIANCE

COMPLIANT

GDPR

As a Germany-based company, we are fully GDPR compliant. Your data is handled in line with European data protection law.

IN PROGRESS

SOC 2

We are not SOC 2 certified yet. We are an early-stage team building toward formal certification, and in the meantime we follow the practices it expects: single-tenant isolation, least-privilege access, and keeping your data inside infrastructure you control.

If you have a security review, questionnaire, or specific compliance requirement, we are happy to walk through it with you. Just reach out.

REPORT AN ISSUE

Found a vulnerability, or have a question about how we handle your data? Email us and we will get back to you.

security@heplon.com