Security Information

How we protect your farm data with enterprise-grade security at every layer.

🔒 TLS 1.3
🗄 AES-256
ISO 27001
🛡️ GDPR Compliant
🔍 Annual Pen Test

Encryption

Layer | Standard | Details
Data in transit | TLS 1.3 | All API calls and data uploads use HTTPS with TLS 1.3. Older protocols (TLS 1.0, 1.1) are disabled.
Data at rest | AES-256 | Farm data, scan images, and user records are encrypted at rest using AES-256-GCM.
Backups | AES-256 | All backup copies are encrypted before leaving our primary storage.
Database | Field-level encryption | Sensitive fields (email, device ID) use additional field-level encryption.

Infrastructure

  • Hosted on Google Cloud Platform (GCP) — europe-west2 region
  • ISO 27001, SOC 2 Type II, and PCI DSS certified data centres
  • 99.9% uptime SLA with automated failover
  • Daily encrypted backups with 30-day retention
  • DDoS protection via Google Cloud Armor
  • Network traffic restricted by VPC firewall rules

AI & Data Isolation

Each user's farm data is logically isolated. Our AI inference pipeline runs in sandboxed containers — your images and queries are never exposed to other users or persisted by the AI provider beyond the duration of a single request.

We do not use your personal farm data to train our AI models without your explicit consent. Anonymised, aggregated pattern data may be used to improve general disease detection accuracy.

Access Control

  • Role-Based Access Control (RBAC): Internal employees access only the data required for their role
  • Multi-Factor Authentication (MFA): Required for all internal systems access
  • Audit Logs: All data access by internal staff is logged and reviewed quarterly
  • Zero Trust Architecture: No implicit trust — every internal request is authenticated and authorised

Vulnerability Management

  • Automated dependency scanning via Dependabot — critical CVEs patched within 24 hours
  • Annual third-party penetration testing
  • OWASP Top 10 reviewed in every release cycle
  • Responsible disclosure programme (see below)

Report a Vulnerability

We take security reports seriously. If you discover a potential security vulnerability in agrisphere, please report it responsibly:

  • Email: security@agrisphere.com
  • Include: description, steps to reproduce, potential impact
  • We will acknowledge receipt within 48 hours and aim to resolve critical issues within 7 days
  • We request you do not publicly disclose the vulnerability until we have issued a fix

We do not currently offer a bug bounty programme, but we recognise all valid reports with credit (if desired).