> ## Documentation Index
> Fetch the complete documentation index at: https://docs.firebender.com/llms.txt
> Use this file to discover all available pages before exploring further.

# Security

> Security considerations and configurations for Firebender business users

## Cloud Agent Security & Privacy

Cloud Agents execute code in secure, isolated sandbox environments. Here's what you need to know:

### Data Handling

| Aspect             | Details                                                                             |
| ------------------ | ----------------------------------------------------------------------------------- |
| **Data Storage**   | No source code is stored beyond the active agent session                            |
| **Data Retention** | Code and files exist only during execution, automatically deleted when session ends |
| **Data Location**  | All execution occurs in the United States                                           |
| **Network Access** | Cloud Agents have full internet access to perform development tasks                 |
| **Training**       | Your code is never used for AI model training                                       |

### Infrastructure Security

Cloud Agent sandbox environments are provided by [Daytona.io](https://daytona.io), which maintains:

* **SOC 2** and **SOC 2 Type 1** certification
* **ISO/IEC 27001** certification
* **GDPR** compliance
* **HIPAA** compliance
* Encryption-at-rest (AES-256)
* Audit logging and access monitoring
* Regular penetration testing

For more details, visit [Daytona's Trust Center](https://trust.daytona.io).

### Policy Documents

For comprehensive information about how we handle your data:

<CardGroup cols={2}>
  <Card title="Code Policy" icon="code" href="https://firebender.com/privacy/code-policy">
    Zero data retention policy, third-party AI providers, and Cloud Agent infrastructure details
  </Card>

  <Card title="Privacy Policy" icon="shield-check" href="https://firebender.com/privacy/privacy-policy">
    How we collect, use, and protect your personal data
  </Card>

  <Card title="Terms of Service" icon="file-contract" href="https://firebender.com/terms/terms-of-service">
    Service terms including Cloud Agent execution responsibilities
  </Card>

  <Card title="Data Use Overview" icon="database" href="https://firebender.com/privacy/data-use">
    Simple overview of data handling and privacy settings
  </Card>
</CardGroup>

### Security Contacts

* **Security vulnerabilities**: [security@firebender.com](mailto:security@firebender.com)
* **Privacy inquiries**: [privacy@firebender.com](mailto:privacy@firebender.com)
* **General support**: [help@firebender.com](mailto:help@firebender.com)

***

## Network Configuration

Firebender makes requests to the following domains to communicate with our backend. If you're behind a corporate proxy, please whitelist these domains to ensure that Firebender works correctly:

* `*.firebender.com/*`: Used for all API requests and backend communication.

<Note>
  If you're using Firebender in a corporate environment with network restrictions, ensure these domains are accessible through your firewall and proxy configurations.
</Note>

## Enterprise Certificate Handling

### SSL Certificate Trust Issues

In enterprise environments, you may encounter SSL certificate trust issues when Firebender attempts to connect to our backend services. This typically manifests as errors like:

```
PKIX path building failed: sun.security.provider.certpath.SunCertPathBuilderException: unable to find valid certification path to requested target
```

Firebender's HTTP client is synced with the certificates that IntelliJ loads. Make sure your enterprise certificates are recognized by IntelliJ by following the [IntelliJ SSL Certificates documentation](https://www.jetbrains.com/help/idea/ssl-certificates.html).

If you're still facing issues, contact [help@firebender.com](mailto:help@firebender.com).