Security
Your data stays yours
Abendly sanitizes all sensitive data in your browser before anything leaves your machine. No raw logs are ever transmitted or stored.
Your Browser
Raw log with real hostnames, IPs, queue manager names
Sanitization Engine
Regex-based pattern matching strips all PII. Zero network calls.
Abendly API
Receives only sanitized labels: [HOST_1], [QM_1], [CHANNEL_1]
What we never see or store
Never stored
- ✕ Real hostnames or IP addresses
- ✕ Queue manager names
- ✕ Channel names
- ✕ User IDs or credentials
- ✕ Raw unsanitized log text
- ✕ Any personally identifiable data
What we store (sanitized)
- ✓ AMQ / MQRC error codes
- ✓ Generic labels ([HOST_1], [QM_1])
- ✓ Platform and MQ version
- ✓ Fix commands and outcomes
- ✓ Anonymous case fingerprints
- ✓ Resolution time metrics
How sanitization works
- → Runs 100% in your browser
- → Zero network calls during sanitization
- → Regex-based pattern matching
- → Consistent labels per session
- → Mapping file saved locally only
- → You control what gets analyzed
Compliance
Enterprise-ready security posture
SOC 2 Type II
In progress. Target completion: Q4 2026.
Encryption in Transit
All API communication over TLS 1.3. No plaintext transmission.
Encryption at Rest
Stored data encrypted with AES-256. Database hosted on SOC 2 compliant infrastructure.
GDPR Compliant
Data minimization by design. Sanitization removes PII before processing. EU data subjects can request deletion.
CCPA Compliant
California residents: we collect minimal data. No sale of personal information. Deletion requests honored within 30 days.
Data Residency
API hosted on Render (US). Database on Supabase (US-East). Contact us for data residency requirements.
Responsible Disclosure
Found a vulnerability?
We take security seriously. If you discover a vulnerability, please report it responsibly.
Email us at security@abendly.io
We aim to acknowledge reports within 48 hours and resolve critical issues within 7 days.