Security

Analect is built to help people work with code safely. We try to be transparent about what we protect, how we operate, and what we do not claim.

For individuals

Keep control of your workspace content.

  • You control the code and workspace content you connect to Analect.
  • We keep account and product data scoped to delivering the service.
  • You can contact us to request help with data removal or account questions.

For enterprise

Built for shared use with limited access.

  • Analect is designed to support team use without exposing workspace data unnecessarily.
  • Access to internal systems is limited to authorized team members.
  • We review security issues and fix them before they affect customers when possible.

Security at every step

How we approach security

The goal is simple: reduce risk without over-claiming. These are the practices we use to keep Analect safe and reliable.

Defense in depth

We use standard web security practices, including HTTPS for traffic between your browser and our services and access controls around internal systems.

Responsible product development

We review changes before release and pay attention to risky dependencies, secrets handling, and authentication flows.

Operational monitoring

We monitor for failures and suspicious behavior so we can investigate issues and keep the product stable.

Security reporting

If you think you have found a vulnerability, we want to hear about it and will work with you on a responsible fix.

Security compliance

Compliance and assurance

We do not list certifications we have not earned. If you need information for procurement, a questionnaire, or a review, we can share the current state of our controls.

  • We do not currently advertise third-party certifications that we do not have.
  • If a specific compliance document is required, contact us and we will tell you what is available today.
  • This page reflects product security information, not a legal agreement or warranty.

Reporting

Reporting security issues

If you believe you found a bug or vulnerability, report it to us so we can investigate and respond responsibly.

Contact

Email security@analect.dev.

What to include

Steps to reproduce, expected impact, and any relevant context or screenshots.

What we ask

Please avoid data access beyond what is needed to demonstrate the issue and avoid public disclosure before we have a chance to fix it.