INFORMATION SECURITY
We prioritize information security at the highest level
Analytics:
In alignment with the operational security requirements of our client base, no analytical tracking, behavioral profiling, or user-level analytics are utilized within our software and they will never be integrated. Our software is engineered with a security-first architecture, adhering to strict confidentiality protocols and ensuring the integrity and protection of all mission-critical data.
Acquisition:
In the event CyberWarfare AI is acquired by another entity, no client lists, custom project details, or proprietary source code will be shared, disclosed, or transferred. Only the company name and information pertaining to publicly available projects may be included in the acquisition. Under no circumstances will confidential client information or source code be made accessible to the acquiring party.
Authentication:
In early 2026, all of our software will require the use of CAC authentication.
Business Records:
We maintain only minimal business records, strictly adhering to federal law. Any information eligible for redaction is promptly redacted.
All records are digitized and stored exclusively on FIPS 140-3 Level 3/TAA Compliant fully encrypted SSD’s.
All physical paperwork is destroyed using Security Level 6 micro-cut shredders, compliant with NSA/CSS 02-01 & NSA/CSS 04-02 standards.
Data Security (Client Contact Data):
Client contact data is never stored online.
All client contact information is kept fully offline and encrypted using quantum-resistant encryption.
Emergency Contact Information Requests:
Emergency requests for contact information, if any exists, are only fulfilled in response to a verified and signed National Security Letter (NSL) that has been approved, authenticated, and subjected to challenge protocols.
Information Retention:
We retain only the minimal information required by federal law.
For technical support inquiries, no tickets or records are created. There is no retained documentation of support requests.
Communications from prospective clients who do not become clients are not retained once verification is completed.
We do not retain client communications such as emails or phone calls whatsoever.
Information Sharing:
We do not share client information with any third party unless required by a verified court order signed by a judge. Any such order will be carefully verified and challenged before disclosing any non-classified information, if applicable.
Projects:
All source codes for client projects are stored entirely offline on FIPS 140-3 Level 3 and TAA-compliant, fully encrypted SSD’s. Each project is secured with unique encryption keys and maintained in a fully decentralized and encrypted format.
Social Media:
To protect client confidentiality, we do not utilize social media platforms.
News Media:
We do not provide information or comments to the media regarding non-public projects.
Website Privacy:
Our website is designed to retain minimal data. Any external links may have their own privacy policies, and we encourage you to review them for specifics.
Our website & downloads are hosted on AWS GovCloud (US) for compliance & security.
Data:
We do not store or manage your data or biometrics.
Our software is designed for use on on-premise servers, where data is maintained locally by the agencies using our products.
For any questions regarding data these agencies may hold, contact them directly to verify software use and request information they may have.
This approach mitigates risk, as data laws generally do not apply to government or law enforcement agencies.
Updated: 10-12-2025