How Mintlify is improving security

Mintlify's response to a security incident in March 2024 involves a comprehensive overhaul of its security measures to prevent future vulnerabilities. Key improvements include implementing AES256-GCM encryption for data at rest, ceasing the storage of GitHub OAuth tokens and internal admin tokens, and replacing them with session-based access controls. Furthermore, the company has introduced a responsible disclosure program to encourage proactive identification of security issues, enhanced email infrastructure authentication, and reduced the attack surface area by eliminating non-critical endpoints. These actions reflect Mintlify's commitment to safeguarding customer data and maintaining transparency with its users.