Advancing the Future of Software Development
We enable developers and organizations to maximize their potential by prioritizing security, privacy, compliance, and transparency as we develop and iterate on CodeVista.
Motivation & Significant
Security
At CodeVista, we prioritize the security and privacy of our users’ data. We implement robust security measures to ensure that all data interactions within our platform are protected against unauthorized access and breaches. Our multi-layered security approach includes secure transmission, encryption, third-party testing, and certification, providing comprehensive protection for our users.
- Data Encryption in Transit: CodeVista uses Transport Layer Security (TLS) to encrypt data during transmission. This ensures that data exchanged between users and our services is protected against interception and unauthorized access, maintaining the confidentiality and integrity of the information.
- Data Encryption at Rest: For data stored within our infrastructure, CodeVista employs industry standard encryption protocols in compliance with FIPS Publication 140-2 standards. This ensures that data remains secure even when stored, protecting it from unauthorized access and potential breaches.
- Audits and Certifications: CodeVista has achieved several industry-recognized certifications, including SOC 2 Type I, demonstrating that we have the necessary controls in place to protect the security of our services. We are also working towards obtaining a SOC 2 Type II certification, which will further validate the effectiveness of our security practices over time.
- ISO 27001 Certification: CodeVista is included in the scope of our partner’s Information Security Management System, as reflected in our ISO 27001 certification. This certification demonstrates our commitment to implementing robust security processes and standards across our platform.
- External Penetration Testing: CodeVista undergoes regular external penetration testing to identify and address potential vulnerabilities. These tests are conducted by reputable third-party security firms and provide us with actionable insights to enhance our security measures continuously.
- Access Controls: We implement strict access controls to ensure that only authorized personnel have access to sensitive data. This includes role-based access controls (RBAC) and multi-factor authentication (MFA) to verify user identities.
- Regular Security Assessments: CodeVista conducts regular security assessments and vulnerability scans to identify and mitigate potential security risks. These assessments help us to stay ahead of emerging threats and continuously improve our security posture.
- Incident Response Plan: We have a comprehensive incident response plan in place to quickly and effectively address any security incidents that may arise. This plan includes procedures for detecting, reporting, and responding to security breaches, ensuring minimal impact on our users and services.
- Data Anonymization:To further protect user privacy, CodeVista anonymizes data whenever possible. This reduces the risk of identifying individuals from the data, enhancing overall privacy and security.
Privacy
CodeVista processes personal data based on how the data is accessed and used, whether through various IDE extensions or features like command line interface (CLI) suggestions and IDE code completions.
- User Engagement Data: This includes pseudonymous identifiers captured from user interactions with CodeVista, such as accepted or dismissed completions, error messages, system logs, and product usage metrics.
- Prompts: These are inputs for chat or code, along with contextual information, sent to CodeVista’s AI to generate suggestions. Suggestions: These are the AI-generated code lines or chat responses provided to users based on their prompts.
- Feedback Data: This comprises real-time user feedback, including reactions (e.g., thumbs up/down) and optional comments, as well as feedback from support tickets. CodeVista is committed to ensuring the privacy and security of user data through several key measures.
Intellectual Property
When addressing intellectual property and open source issues, it is essential to understand how CodeVista operates. The AI models powering CodeVista’s suggestions may be trained on publicly available code, but they do not store or replicate any code. Instead, when generating a suggestion, CodeVista does not “copy and paste” from any existing codebase.
Still thinking about it?
Unleash the power of AI within CodeVista. Upgrade your productivity with CodeVista, the AI-Powered Chat Assistant