MoonBase

Security

Security at MoonBase

Founder filings, analyst sign-offs, and investor diligence trails are sensitive. We treat them that way.

Infrastructure

  • SOC 2 Type II controls in flight, audit window closing Q3 2026.
  • All data encrypted in transit (TLS 1.3) and at rest (AES-256).
  • Production database isolated per environment, daily encrypted backups, 30-day point-in-time recovery.
  • Row-level security enforced on every user-scoped table.

Access

  • SSO + WebAuthn available for institutional seats.
  • API keys hashed (SHA-256) at rest; rate-limited per key.
  • Quarterly access reviews; least-privilege for staff.

Reporting a vulnerability

Email reach@moonrig.io with a proof-of-concept. We acknowledge within 24h and respond to critical reports within 72h. A formal bug-bounty launches alongside SOC 2 completion.