Security

This page summarizes the security posture of amsleroperations.com — the marketing site and its contact form pipeline. Detailed product-level security is covered in each product’s trust pack, available on request via [email protected].

All amsleroperations.com traffic is encrypted with TLS 1.3 via Cloudflare. HSTS is enabled. There are no mixed-content fallbacks, and HTTP requests are redirected to HTTPS at the edge.

Contact form submissions are stored in encrypted Google Workspace (Sheets) and forwarded to a self-hosted n8n instance behind authenticated access. No Protected Health Information is collected anywhere on this site, and the contact form is not a clinical channel.

Production systems require SSO + multi-factor authentication for all Amsler Labs personnel. Least-privilege access is enforced across infrastructure — hosting, secrets, CRM storage, and email — with role separation between operational and engineering access.

Detailed product-level security — row-level multi-tenancy across 58 tables, SAML 2.0 + OIDC SSO with auto-discovery by email domain, full audit logging, encryption at rest, and FAA Part 135 enforcement — is covered in each product’s trust pack. Available on request via [email protected].

Security researchers and customers can report concerns to [email protected]. We acknowledge legitimate reports within 24 hours and will coordinate disclosure timelines with the reporter. Good-faith research that does not exfiltrate data, disrupt service, or affect third parties will not be subject to legal action from Amsler Labs LLC.

DPA, BAA (where applicable), and SOC posture summaries are available on request to qualified parties. Email [email protected] with your organization, intended product, and procurement stage and we will route the right packet.