Security Overview
MarkoCyber is committed to maintaining the highest standards of security for our platform, our customers' data, and the broader digital ecosystem. We apply the same rigorous security practices internally that we recommend to our clients.
Our security program is built on three pillars: prevention, detection, and response. We invest continuously in all three areas to stay ahead of the evolving threat landscape.
Our Promise: We treat your data as if it were our own. Every decision we make prioritizes the confidentiality, integrity, and availability of the information you entrust to us.
Data Protection
All customer data is protected using industry-leading encryption standards both at rest and in transit.
Encryption Standards
- Data at rest: AES-256 encryption across all storage systems, including databases, file stores, and backups
- Data in transit: TLS 1.3 for all communications, with forward secrecy enabled
- Key management: Hardware Security Modules (HSMs) for cryptographic key storage and rotation
- Database encryption: Transparent Data Encryption (TDE) on all production databases
Data Residency
We offer data residency options across multiple regions to help you comply with local data protection regulations:
- United States: Primary data centers in Virginia and Oregon
- European Union: Frankfurt, Germany and Dublin, Ireland
- United Kingdom: London data center
- Asia-Pacific: Singapore and Sydney facilities
Your data never leaves your selected region without explicit authorization. Cross-region data transfers follow strict protocols compliant with GDPR, CCPA, and regional requirements.
Data Classification
We classify all data into four tiers: Public, Internal, Confidential, and Restricted. Each classification tier has specific handling, storage, and access requirements that are enforced through automated policy controls.
Compliance & Certifications
MarkoCyber maintains a comprehensive compliance program with regular third-party audits to validate our security posture.
SOC 2 Type II: Annually audited
We undergo annual penetration testing by independent third parties and conduct continuous automated vulnerability scanning across our entire infrastructure.
Infrastructure Security
Our infrastructure is designed for resilience, availability, and defense in depth.
Cloud Architecture
- Multi-region deployment across 3+ availability zones with automatic failover
- 99.99% uptime SLA with redundant systems at every layer
- DDoS protection through multi-layered mitigation at the network edge
- Web Application Firewall (WAF) with custom rulesets updated daily
Network Security
- Zero-trust network architecture: no implicit trust between services
- Micro-segmentation with strict firewall policies between all network zones
- Intrusion Detection and Prevention Systems (IDS/IPS) monitoring all traffic
- Full packet capture and retention for forensic analysis
Monitoring & Logging
All infrastructure events are centrally logged with a minimum 12-month retention period. Our 24/7 Security Operations Center monitors alerts in real time, with automated response capabilities for known threat patterns.
Quarterly Pen Tests: We engage independent red teams to perform full-scope penetration testing of our infrastructure, applications, and internal processes every quarter.
Access Control
We enforce the principle of least privilege across all systems and implement multiple layers of authentication.
- Multi-factor authentication (MFA) required for all employees and all production systems
- Hardware security keys (FIDO2/WebAuthn) mandatory for access to production environments
- Role-based access control (RBAC) with quarterly access reviews
- Just-in-time (JIT) access for privileged operations with automatic expiration
- Session management: Automatic timeout after 15 minutes of inactivity
- Single Sign-On (SSO) with SAML 2.0 and OAuth 2.0 support for enterprise customers
All access to customer data is logged, audited, and requires explicit business justification. Access logs are immutable and retained for a minimum of 24 months.
Incident Response
Our Incident Response Team (IRT) operates 24/7/365 with documented procedures for every category of security event.
Response Timeline
- Detection: Mean time to detect (MTTD) under 10 minutes for critical threats
- Containment: Automated containment within 30 seconds for known attack patterns
- Customer notification: Within 72 hours of a confirmed data breach, in compliance with GDPR and applicable regulations
- Post-incident report: Detailed root cause analysis provided within 5 business days
Incident Classification
We classify incidents into four severity levels (P1 Critical, P2 High, P3 Medium, and P4 Low), each with defined response times, escalation paths, and communication protocols.
Active Incident? If you believe you've discovered a security issue, contact our SOC immediately at +1 (888) 742-5911 or email security@markocyber.io.
Employee Security
Our people are our first line of defense. We invest heavily in security culture and training.
- Background checks: Comprehensive screening for all employees before onboarding
- Security training: Mandatory annual security awareness training with quarterly phishing simulations
- Confidentiality agreements: All employees sign NDAs and acceptable use policies
- Device management: Company-managed devices with full disk encryption, endpoint detection, and remote wipe capability
- Clean desk policy: Enforced across all offices
- Offboarding: Immediate access revocation upon termination, with hardware return within 24 hours
Vulnerability Disclosure
We believe in the security community and welcome responsible disclosure of vulnerabilities.
Bug Bounty Program
We maintain an active bug bounty program with rewards ranging from $100 to $15,000 depending on severity and impact. All reports are taken seriously and investigated promptly.
Reporting Process
- Submit findings to security@markocyber.io with detailed reproduction steps
- We acknowledge receipt within 24 hours
- Initial assessment and severity classification within 72 hours
- Regular updates on remediation progress
- Public credit (with your permission) after the fix is deployed
Safe Harbor: We will not pursue legal action against security researchers who follow responsible disclosure practices and act in good faith.
Third-Party Security
We carefully vet all third-party vendors and subprocessors that handle customer data.
- All vendors undergo security assessment before onboarding
- Critical vendors are re-assessed annually
- Data Processing Agreements (DPAs) in place with all subprocessors
- Continuous monitoring of vendor security posture through automated tools
- Right to audit clause included in all vendor contracts
A current list of subprocessors is available upon request. Customers are notified 30 days in advance of any new subprocessor additions.
Data Retention & Deletion
We retain customer data only for as long as necessary to provide our services and meet legal obligations.
Retention Periods
- Active account data: Retained for the duration of the service agreement
- Threat intelligence data: Anonymized and aggregated after 90 days
- Security logs: Retained for 12 months minimum, 24 months for audit trails
- Backup data: Retained for 30 days after deletion from primary systems
Data Deletion
Upon account termination or written request, we permanently delete all customer data within 30 days. Deletion is verified through automated processes and certified upon request. We use cryptographic erasure for encrypted data stores and NIST 800-88 compliant sanitization for physical media.