Security

Security is foundational to everything we build at Pernoex. Your product's knowledge is one of your most valuable assets, and we treat it that way.

Authentication

Pernoex supports email and password authentication as well as Google OAuth for single sign-on. All accounts can enable two-factor authentication with TOTP-based codes and downloadable backup codes for account recovery.

Data Isolation

Every project in Pernoex operates in its own isolated environment. Documents, embeddings, conversations, and analytics are scoped to the individual project and cannot be accessed across project boundaries. Team members only see the projects they have been explicitly invited to.

Access Controls

Pernoex uses role-based access control with three levels: Owner, Admin, and Member. Owners have full control over billing and team management. Admins can manage projects and settings. Members can interact with the platform within assigned projects. Invitation links expire and can be revoked at any time.

Domain Restrictions

Project owners can restrict which domains are allowed to load the Pernoex integration. This prevents unauthorized embedding and ensures the cognition layer only runs on your approved websites.

Infrastructure

Pernoex runs on hardened cloud infrastructure with encrypted storage volumes, network isolation between services, and automated backups. All connections use TLS 1.2 or higher.

API Key Security

Public API keys are scoped per project and can be rotated at any time from the dashboard. Keys are prefixed for easy identification and are designed to be safe for client-side embedding. Server-side operations require authenticated sessions.

Responsible Disclosure

If you discover a security vulnerability, please email us at [email protected]. We take all reports seriously and will respond promptly.