CodeDigSecurity
How CodeDig protects your code and data.
Data Handling
CodeDig clones your repositories into ephemeral, isolated environments for analysis. Raw source code is not persisted after analysis completes — only the extracted metadata (symbols, dependencies, findings) is stored. Each tenant's data is logically isolated at the database level.
Encryption
All data is encrypted in transit (TLS 1.2+) and at rest. API keys and access tokens are hashed before storage. We never log sensitive credentials.
Access Controls
CodeDig uses role-based access control (RBAC) with support for SSO via OIDC, SAML, and LDAP. API access is authenticated via scoped API keys with configurable rate limits.
Compliance
We are pursuing SOC 2 Type II certification, with an expected completion in Q3 2026. In the meantime, we follow SOC 2 controls as a baseline for our internal security practices. For details on our current security posture, contact security@codedig.ai.
Responsible Disclosure
If you discover a security vulnerability, please report it to security@codedig.ai. We appreciate responsible disclosure and will acknowledge your report within 48 hours.