Security at Stakpak

At Stakpak, we prioritize your security and privacy. We understand that your infrastructure configurations are sensitive, which is why we’ve built strict safeguards to ensure they’re handled responsibly. This section outlines how we protect your data when you use Stakpak to analyze, index, and interact with your infrastructure via our LLM-based solutions.

Data Security Practices

1. Encryption & Access Control

   • All data transferred between your systems and Stakpak is encrypted in transit using TLS

   • Access to your configurations is restricted to Stakpak employees with a legitimate business need (e.g. help you resolve issues), enforced via role-based access control (RBAC)

   • We don't store your passwords, nor your Stakpak API keys in plain text

   • We use an encrypted secret vault to manage the secrets used to run our software, and this vault is encrypted with a key management system

2. Data Minimization & Retention

   • We process only the data required to provide our services, such as infrastructure definitions and configuration files

   • No raw credentials (e.g. API keys, secrets) are stored—Stakpak operates on static analysis of your configurations, never executing or deploying code directly from our servers (you shouldn't hardcode any secrets in your configuration files)

   • Data stored in our systems is retained only as long as needed for analysis or per your explicit consent. You can request deletion anytime through the support

How We Use Your Data

Stakpak’s analysis engine processes your configurations (e.g., Kubernetes files, Terraform code, Dockerfiles) to generate contextual insights and code suggestions. We do NOT train AI models on your data without your permission, and our systems are designed to never execute untrusted code on your behalf.

Contact Us

For security concerns, incidents, or detailed questions, report immediately to contact@stakpak.com. We respond promptly to all inquiries.