Reporting channel
- PGP
4096R / 9F1A 8C24 BD33 41E7 5D29 0AB6 7C84 E2F1 0000 0000Full key on the Trust Center. Encrypt sensitive reproductions.
- SLA
- Acknowledgement within 1 business day. Triage decision within 5 business days.
Security
How ScopeMantle secures your data.
The technical posture behind the Trust Center. Read this before signing the DPA.
§ 0 · THREAT MODEL
The threat model we're designed against.
ScopeMantle is built assuming the most common supply-chain attack vector of 2024–2026: a small vendor holding broad OAuth tokens on behalf of thousands of downstream enterprises is compromised, and the attacker uses those tokens to pivot into the downstream orgs (Salesloft Drift, Gainsight, Snowflake customers, Context.ai → Vercel). Every design decision below is calibrated against that threat model.
The ScopeMantle connectors themselves are therefore engineered on the same principles we sell: read-only scopes, encrypted-at-rest credentials (AES-GCM with quarterly rotation), HMAC-signed OAuth state tokens bound to user + tenant, and no persistent session tokens. We want to be the last vendor you'd worry about in this chain.
§ 1 · ARCHITECTURE
Architecture summary.
ScopeMantle reads from your identity sources over OAuth with read-only scopes, seals the resulting credentials in an AES-GCM vault, normalizes events through a stable schema, and writes them into a customer workspace pinned to the region you choose at provisioning time. No customer data crosses that region boundary, in transit or at rest. There are no public database endpoints; every data path runs through authenticated, rate-limited application services.
§ 2 · AUTH
Authentication & authorization.
| Control | Implementation |
|---|---|
| API authentication | All endpoints require a JWT bearer token issued by the auth service. Tokens are short-lived (15 min) with refresh-token rotation; revocation propagates within 60 seconds. |
| Authorization model | Per-user, per-tenant ownership verification on every request. Tenant ID is derived from the token, never trusted from the request body or query string. |
| Password storage | bcrypt with cost factor 12. No legacy hashes in the database; rolled forward on login. |
| Identifier hashing | User and domain identifiers stored as SHA-256 digests for log redaction and join keys. |
| Rate limiting | Per-IP and per-tenant limits on /auth, /discovery, and /connections/test endpoints. Exponential backoff on repeated failures. |
| SSO | SAML 2.0 and OIDC available on Business and Enterprise. JIT provisioning supported; group-to-role mapping configurable. |
| SCIM | SCIM 2.0 for user/group provisioning on Business and Enterprise. PATCH operations supported; deprovisioning reflects in the workspace within 5 minutes. |
§ 3 · NETWORK
Network & input.
| Control | Implementation |
|---|---|
| CORS | Strict allowlist per environment. Wildcard origins are forbidden by deployment policy and rejected at config-load time. |
| SSRF protection | Outbound request URLs are resolved through a validated DNS layer. RFC 1918 ranges, link-local addresses, and metadata service endpoints (169.254.169.254) are blocked at the HTTP client layer. |
| Input validation | All API inputs validated by typed Pydantic schemas with extra="forbid". Unexpected fields cause a 422 before any handler runs. |
| Error responses | Production error responses sanitized: no stack traces, no SQL fragments, no internal IDs. A correlation ID is returned for support; full detail is captured in internal observability only. |
| Transport | TLS 1.3 only on public endpoints. HSTS preload, max-age 63072000. |
§ 4 · SECRETS
Secrets & credential management.
| Control | Implementation |
|---|---|
| Credential encryption at rest | All connector credentials (OAuth refresh tokens, API keys, service-account JSONs) sealed with AES-GCM. Per-tenant data encryption keys; KMS-managed key encryption keys. |
| Key rotation | Key encryption keys rotated on a quarterly schedule. Customers can request an out-of-band rotation at any time; new keys are deployed without downtime. |
| OAuth state | OAuth state tokens are HMAC-signed, bound to the initiating user and tenant, and expire after 5 minutes. Replays and cross-tenant reuse are rejected at the callback handler. |
| Google Workspace verification | Before accepting a Google Workspace OAuth grant, ScopeMantle verifies super-admin status via the Directory API and refuses installs by non-admins. Prevents accidental workspace-wide installs by individual employees. |
| API surface | Credentials are write-only at the API. No endpoint returns a stored secret, even to the user that uploaded it. Health checks return a redacted fingerprint only. |
§ 5 · SCOPES
OAuth scope minimization, integration by integration.
Every scope ScopeMantle requests, with the operational reason it exists. Scopes not on this page are not requested. Write scopes are opt-in per tenant and gated by an explicit toggle in your workspace settings.
| Scope | What we use it for |
|---|---|
| Okta | |
okta.users.read | Enumerate the user directory for app rosters. |
okta.apps.read | List assigned and unassigned applications in the org. |
okta.groups.read | Resolve group-mediated app assignments. |
okta.logs.read | Stream Okta system log events into the normalized event schema. |
okta.policies.read | Identify authentication and assurance policies. |
| Google Workspace | |
admin.directory.user.readonly | Enumerate workspace users. |
admin.directory.group.readonly | Resolve group memberships. |
admin.directory.orgunit.readonly | Map users to organizational units. |
admin.directory.token.readonly | Inventory OAuth grants per user across third-party apps. |
admin.reports.audit.readonly | Pull Admin and Login audit log events. |
| Microsoft Entra | |
Application.Read.All | Enumerate enterprise applications and service principals. |
DelegatedPermissionGrant.Read.All | Inventory user-consented OAuth grants. |
AppRoleAssignment.Read.All | Map application role assignments to users and groups. |
Directory.Read.All | Read users, groups, and directory roles. |
AuditLog.Read.All | Stream Entra audit and sign-in events. |
| Slack | |
admin.apps:read | Enumerate installed apps and custom integrations. |
admin.users:read | Resolve workspace users for app authorization mapping. |
auditlogs:read | Stream workspace audit log events (Enterprise Grid). |
team:read | Identify the workspace and team metadata. |
| Jira | |
read:jira-user | Resolve Jira account IDs for ticket assignees. |
write:jira-work | Open governance tickets from policy actions. |
read:jira-work | Read back ticket status to close the loop on policy actions. |
| ServiceNow | |
incident.write | Create incidents and requests from policy actions. |
incident.read | Read back incident state to close the loop. |
user.read | Resolve assignee sys_ids when opening incidents. |
| Splunk · Datadog · Elastic · Sumo (SIEM destinations) | |
destination.write (HEC token / API key) | One-way delivery of the normalized event stream into your SIEM. ScopeMantle never reads from your SIEM. |
§ 6 · DATA HANDLING
Data handling.
| Control | Implementation |
|---|---|
| Data minimization | ScopeMantle reads metadata: app inventories, OAuth grants, scope sets, audit-log headers. We do not read email bodies, calendar contents, file contents, or chat messages. |
| Retention | 30-day default for governance events. Configurable up to 12 months on Business; custom on Enterprise. Retention windows are enforced by per-tenant scheduled jobs and verified weekly. |
| Tenant deletion | "Delete my tenant" is self-serve from the workspace settings. All tenant data, primary stores, search indexes, and backups, is destroyed within 7 days. A signed deletion attestation is emailed to the tenant administrator. |
| Backups | Encrypted with the same AES-GCM scheme as primary data. Region-pinned. 35-day retention with continuous PITR for the last 7 days. |
| Data residency | US (us-east-1) by default. EU (eu-central-1) available on Business and above. APAC residency on the roadmap; ETA published on the Trust Center. |
§ 7 · INFRASTRUCTURE
Infrastructure.
| Control | Implementation |
|---|---|
| Cloud | AWS us-east-1 (primary). AWS eu-central-1 for EU-residency customers. |
| Network isolation | All compute in private VPC subnets. No public database endpoints. Egress restricted to allowlisted destinations through a NAT gateway. |
| Database | MongoDB Atlas with connection pooling, IP allowlist tied to the ScopeMantle VPC NAT, and per-region cluster pinning. No cross-region replication of customer data. |
| Transport | TLS 1.3 on all public surfaces and intra-VPC service mesh. mTLS between core services. |
| Penetration testing | Quarterly third-party penetration tests by an established assessor. Executive summaries are published on the Trust Center; full reports are available under NDA to Enterprise customers. |
§ 8 · DISCLOSURE
Responsible disclosure.
Scope
In scope
- app.scopemantle.com
- api.scopemantle.com
- auth.scopemantle.com
- OAuth callback flows on every supported integration
- Customer workspaces (with prior written authorization)
Out of scope
- Marketing site (scopemantle.com)
- Status page
- Third-party SaaS we use (report to the vendor)
- Social engineering of ScopeMantle employees
- Physical attacks against ScopeMantle offices
- DoS / volumetric testing
Bounty ranges
Indicative tiers; final award depends on impact, novelty, and report quality.
| Severity | Range (USD) |
|---|---|
| Critical | $5,000 – $15,000 |
| High | $1,500 – $5,000 |
| Medium | $500 – $1,500 |
| Low | $100 – $500 |
Safe harbor
ScopeMantle will not pursue civil or criminal action against researchers who, in good faith, comply with this policy. We consider research conducted under this policy to be authorized access under the relevant computer-fraud statutes (CFAA in the US, equivalent in other jurisdictions). Make a good-faith effort to avoid privacy violations, data destruction, and service degradation; stop at first proof of concept; do not access or modify customer data beyond what is necessary to demonstrate the issue.
§ 9 · COMPLIANCE
Compliance attestations.
| Framework | Status | Artifact |
|---|---|---|
| SOC 2 Type II | In progress (Q3 2026 target) | Bridge letter under NDA |
| ISO 27001 | Roadmap (post SOC 2) | , |
| GDPR | Ready | DPA · Sub-processors list |
| CCPA | Ready | Privacy Policy |
| HIPAA | Ready | BAA available on Enterprise |
§ 10 · CHANGELOG
Security-material changes.
Quarterly KEK rotation completed
Customer-data encryption keys rotated to new KEK. No downtime; no customer action required.
SSRF allowlist tightened
Outbound HTTP client now blocks AWS metadata service and link-local addresses by default; allowlist required for any destination outside our integration set.
Q1 third-party penetration test completed
Independent assessor; no critical or high findings. Executive summary on the Trust Center.
OAuth state token TTL reduced
Reduced from 10 minutes to 5 minutes; HMAC binding to user + tenant unchanged.
EU-region general availability
eu-central-1 cluster opened for Business and Enterprise customers requiring EU residency.
Tenant deletion attestation
Self-serve tenant deletion now emits a signed attestation to the tenant administrator within 7 days of completion.
TLS 1.2 deprecated on public surfaces
Public endpoints now require TLS 1.3. HSTS preload max-age increased to 63072000.
Google Workspace super-admin verification
OAuth callback for Google Workspace now refuses installs by non-super-admins to prevent accidental workspace-wide installs.
Find the Context.ai in your org before the attacker does.
15-minute connection. First inventory in an hour. Vendor risk scores for every third party by tomorrow.
Trusted by security and privacy teams at 50+ organizations.