SismoSmartSeismic monitoring for buildings

Security

Collect less. Protect what's left.

That's the basic rule. The website is live before the product launch, but the same rule guides the device side.

Minimal data by default

The device should only send what's needed: motion, environment, status, and event time. Nothing else.

Consent before analytics

Web analytics load only after consent. You can reset that choice from the footer.

Encrypted transport

The site uses HTTPS and security headers. Device traffic is designed encrypted end-to-end.

No secrets in the browser

Private keys and service tokens stay in server settings or GitHub Secrets, never in client code.

Vulnerability reporting

If you find a security issue on the site or in pre-launch materials, write to info@sismosmart.com. Responsible disclosure is appreciated and acknowledged.

Device security plan

Pre-launch we're committing to: signed firmware, encrypted flash, two OTA partitions with automatic rollback, per-device unique keys provisioned at the factory. Full security disclosures will go live alongside the device.