Security & Trust

InfraCaptain is designed with security at its core. Your infrastructure data is monitored safely and transparently.

Security Principles

The InfraCaptain agent operates with minimal read-only permissions. It can view system metrics and status, but cannot modify configurations or data.

All data transmitted between your servers and InfraCaptain is encrypted using industry-standard TLS encryption.

We're clear about exactly what data we collect. No hidden telemetry, no unexpected access requests.

Every action, alert, and event is logged. You can always see what InfraCaptain has accessed and when.

InfraCaptain focuses only on infrastructure signals. Your sensitive data stays private.

We never request database credentials or access your database contents, queries, or schemas.

We don't need or store your AWS, GCP, Azure, or other cloud provider access keys.

The agent doesn't read file contents or access your application data or storage.

We never access S3 buckets, object storage, or other data storage services.

Only infrastructure signals necessary for monitoring

System metrics (CPU, RAM, Disk, Network)

Process names and resource usage

Service status and restart events

Cron job execution results

SSL certificate expiry information

Domain registration status

Configuration file modification timestamps

Open port listings

Agent runs with minimal system permissions

Open source agent code available for audit

Industry-standard encryption (TLS 1.3)

Regular security updates and patches

SOC 2 Type II compliance (in progress)

GDPR and privacy regulation compliant

No third-party data sharing

Secure credential storage using industry best practices

You maintain complete control. The agent can be uninstalled at any time with a single command, and all monitoring will stop immediately.

sudo infracaptain uninstall

We're happy to discuss our security practices in detail.