Detection
Production runs structured request/response logging, per-tenant rate-limit metrics, AI usage logging, and an audit log of every mutation. Anomalies (unexpected authentication failures, AI-quota outliers, error rate spikes) surface in operator dashboards and trigger investigation. Backend errors flow to a centralised tracker.
Containment
- Per-tenant kill-switches. Limena ops can disable a tenant’s AI access, revoke all API keys, or freeze new mutations independently per tenant.
- Token revocation. Sign-out-everywhere revokes every active refresh token for a user; tenants can revoke API keys per-key from Settings → API keys.
- Credential rotation. JWT signing keys, encryption master key, and third-party API tokens have documented rotation runbooks.
Communication
For confirmed security incidents affecting tenant data, Limena commits to:
- notification_window
- within 72 h of confirmation
- notified_via
- tenant owner’s email of record
- notification_includes
- scope · data affected · containment status · recommended actions · follow-up timeline
For incidents that do not affect tenant data (for instance an internal outage with no data exposure), we still surface the status on the in-app banner + status page and write a post-mortem to hello@limena.io on request.
How to reach us
Suspect an issue? Email hello@limena.io. See also the public /.well-known/security.txt for our RFC 9116 contact + reporting policy.