Security Posture

Operational data — accounts, listings, inquiries, payments, audit logs — is stored in AWS Asia Pacific (Mumbai), region ap-south-1. A subset of processing (error monitoring, AI inference for traffic initiated from the Anthropic or OpenAI APIs, transactional email) is performed by sub-processors outside India under written data-processing contracts. Full provider list: /privacy § Sub-processors.

• In transit: TLS 1.2+ on every public endpoint, TLS 1.3 preferred. No weak ciphers (ALB policy ELBSecurityPolicy-TLS13-1-2-2021-06, AEAD-only suites).
• At rest: AWS-managed encryption on all data stores (RDS, ElastiCache, S3, Secrets Manager, EBS). Envelope encryption via KMS.
• Secrets: No secrets in source or in .tfvars files committed to git. AWS Secrets Manager + Terraform data sources throughout.

• AWS IAM least-privilege; no long-lived access keys for production.
• Cognito user pools front all end-user auth — phone OTP and passkey primary, email fallback.
• OAuth 2.1 server (RFC 9700 best-practice profile) gates the public MCP and ChatGPT Actions surface. JWT access tokens RS256, 15-minute TTL, refresh-token rotation single-use, DPoP sender-constrained.
• Admin actions require a privileged role plus per-request audit log (agent_tool_calls + Cognito group membership).

• Dependabot enabled on the source repository. Critical and high alerts are triaged within 7 days; moderate within 30 days.

• Separate Prisma datasource pointed at the read replica — no public traffic on the internal write pool.
• Dedicated Redis logical DB for public throttles — no cache eviction of internal session keys.
• Per-IP rate limits plus per-IP cache-miss budget; circuit breaker on the public surface independent of the internal one.
• Origin-header allowlist (Anthropic / OpenAI / first-party) plus an Anthropic-IP allowlist in the AWS WAF (priority 0).
• OAuth bearer tokens redacted in all logs — Sentry beforeSend interceptor plus NestJS request scrub on Authorization headers and OAuth params (code, state, code_verifier).

AVnester operates under Indian law and is designed to meet the “reasonable security practices and procedures” standard required by IT Act §43A and the IT (Reasonable Security Practices) Rules, 2011, and the safeguards required by DPDPA §8. Internal controls map to ISO/IEC 27001 Annex A categories (access control, cryptography, operations security, supplier relationships, incident management) — we are not currently ISO 27001 / SOC 2 certified, and we will not represent otherwise until an independent audit is complete.

Security incidents and confirmed personal-data breaches are triaged immediately by the founder-led on-call. Personal-data breaches affecting users are notified to the Data Protection Board of India and impacted users without undue delay, in line with DPDPA §8(6). Reportable cyber incidents are notified to CERT-In within the timelines set by the CERT-In Directions of 28 April 2022.

Vulnerability disclosure: security@avnester.com. We acknowledge within 48 hours, triage within 5 business days, and provide a remediation timeline for confirmed issues. Critical exploitable issues (RCE, broken auth, sensitive-data exposure) target 7-day remediation; high-severity 30 days; medium 90 days.

We welcome good-faith security research. AVnester will not pursue civil or criminal action against researchers who:

• access only their own test accounts or accounts they are explicitly authorised to test;
• avoid degrading service availability, exfiltrating bulk user data, or modifying / destroying production data;
• disclose privately to security@avnester.com and give us a reasonable window to remediate before any public disclosure.

The public connector ships with three independent kill switches (env-flagged, no redeploy needed): full-surface disable, anonymous-tier disable, and reviewer-bypass toggle. All three are exercised against staging before submission.

Vulnerability disclosure: security@avnester.com