Security
The product is not currently available for purchase. Checkout is not enabled. Purchases are 100% prohibited on this pre-launch site.
Security Posture
Schoenwald SRE is designed around a static public site and a private review workflow. The public website does not collect workflow files and does not run automation analysis.
The product direction is privacy-oriented and data-minimizing. Security work focuses on responsible handling of exported automation blueprints, client-safe report output, and clear launch boundaries.
Current Public-Site Boundary
| Capability | Current status |
|---|---|
| Public file upload | Disabled |
| Public analysis endpoint | Disabled |
| Account system | Disabled |
| Payment checkout | Disabled |
| Payment webhook receiver | Disabled |
| Customer dashboard | Disabled |
| Production credential intake | Prohibited without approved secure intake |
Customer Artifact Handling
Customer blueprint material should move only after scope, access, retention, deletion, and redaction boundaries are agreed.
Client reports should avoid raw workflow payloads, credentials, account identifiers, and private implementation details.
Security Claim Boundaries
This page is not a certification, legal opinion, or compliance certification. It does not claim any SOC 2 status, issued audit status, security guarantee, or privacy guarantee.
Schoenwald SRE is not affiliated with, endorsed by, or certified by Make.com or Celonis.
Before Hosted Intake TODO
Before any hosted intake path is enabled, the launch plan must define:
- [TODO] approved intake architecture;
- [TODO] payload size limits;
- [TODO] file type boundaries;
- [TODO] bot and abuse controls;
- [TODO] storage boundaries;
- [TODO] retention and deletion evidence;
- [TODO] customer artifact redaction;
- [TODO] operator approval before provider mutation.
Questions about security posture can be sent to humbertoschoenwald@proton.me.