Trust & Security

Security & Data Privacy

We know we're asking for access to your crown jewels. Here is exactly how we handle your data.

No Model Training

Your proprietary code is never used to train base models or fine-tune our pipelines.

Zero Retention LLMs

All LLM calls use Enterprise APIs with strict zero-day retention policies. No caching.

In-Memory Parsing

AST parsing happens securely. Source code fragments are dropped immediately after graph edge generation.

The InfoSec Guarantee

TuringMind Code Intelligence was built by security engineers who understand the friction of enterprise vendor reviews. We designed our architecture to default to privacy.

1. The Gobbler Pipeline (AST Parsing)

When you connect a GitHub repository, our Gobbler pipeline parses the Abstract Syntax Tree (AST) to generate the Semantic Graph Index. This process happens securely within our isolated tenant boundaries. The raw source files are processed purely in-memory and are not persistently stored on disk after the semantic relationships are extracted.

2. Retrieval and LLM Boundaries

We use enterprise-grade LLM APIs (e.g., Azure OpenAI) with explicit zero-retention agreements. When the Security Orchestrator queries your graph index, the code snippets provided in the prompt are discarded by the LLM provider immediately after the response is generated. Your code is never used for model training.

3. GitHub Integration Permissions

The TuringMind GitHub App requests the absolute minimum permissions required to operate:

  • Read-only access to code (for AST ingestion).
  • Read/Write access to Pull Requests and Checks (to post reviews and block CI if thresholds are met).
  • No access to organizational secrets or administrative settings.

Compliance & Certifications

We are actively pursuing SOC 2 Type II and ISO 27001 certifications. For pre-revenue design partners, we offer custom deployment options, including dedicated VPCs, to meet your immediate compliance requirements.

Have questions for your InfoSec team? Contact our founders directly.

Connect your repo and eliminate 95% of SCA noise today.

Book a technical deep-dive