syscyber
Security & privacy

Your data stays on your infrastructure. Here's exactly how.

Self-hosted by design, with sensitive data anonymized before any AI analysis and every action written to an immutable audit trail.

Data flow

Architecture overview

Your Server

  • Agent scans locally
  • Code stays here
  • Data anonymized before sending
Anonymized only

syscyber Cloud

  • No raw source code
  • No IP addresses or hostnames
  • No secrets or credentials

6-stage anonymization

Before anything leaves your environment.

1

IP addresses

Replaced with tokens

2

Hostnames

Replaced with generic identifiers

3

Email addresses

Stripped

4

API keys & secrets

Redacted

5

Custom patterns

Configurable per organization

6

PII scan

Final validation pass before transmission

The anonymization engine has 34 dedicated tests. It's not an afterthought — it's the foundation.

What happens to your data in the cloud?

Only anonymized findings are ever sent for AI analysis.

The AI processing layer retains data for a maximum of 7 days, then permanently deletes it.

Your data is never used to train any model.

Enterprise-grade data protections apply to all AI processing.

What runs on your servers?

A single self-contained binary — no heavy runtimes or interpreters to install.

CPU throttled to <5% of available resources.

Offline-capable: results are queued locally and sync when connectivity returns.

Runs as an unprivileged service. No root required for scanning.

Verified on: Ubuntu 20.04/22.04/24.04, Debian 12, RHEL/Rocky 9, Amazon Linux 2023.

Compliance readiness

syscyber is designed with security-first principles. We are working toward:

SOC 2 Type II audit (in progress)

GDPR compliance (data minimization by design)

ISO 27001 alignment

Questions about our security practices?

security@syscyber.in