Security & Trust

Last updated: June 2026

Zero-Upload Architecture

SimpleBeacon is designed so that your source code never leaves your infrastructure:

• CLI: Runs entirely offline. No network calls unless you explicitly pass --upload.
• Browser Sandbox: Executes in your browser's memory. Wiped when the tab closes.
• IDE Extension: Shells out to local CLI. No cloud API involved.

Data Residency

When you do use cloud features (e.g., team dashboard), your data stays in your chosen region:

• EU Frankfurt, Germany (AWS eu-central-1)
• US Virginia, USA (AWS us-east-1)

No cross-border data transfer. GDPR compliant by design.

Self-Hosting

Enterprise customers receive a Docker image of the SimpleBeacon platform. Run it:

• On-premise
• In a private VPC
• Air-gapped (no internet required after initial image pull)

Offline license tokens are validated locally using HMAC-SHA256. No license server to contact.

Cryptographic Integrity

Every scan report can be integrity-verified:

• SHA-256 hash of the JSON report output
• HMAC-signed with your project-specific license secret
• Auditors can verify reports without logging into SimpleBeacon

Contact

Security questions? [email protected]

← Back to Pricing