Update SECURITY.md for v1.1.x

Symbiont OSS Sync · Symbiont OSS Sync · commit 6d3d2873ff80 · 2026-02-13T14:09:04.000-08:00
diff --git a/SECURITY.md b/SECURITY.md
@@ -6,7 +6,11 @@ The following versions of Symbiont are currently supported with security updates
 
 | Version | Supported          |
 | ------- | ------------------ |
-| 0.1.x   | :white_check_mark: |
+| 1.1.x   | :white_check_mark: |
+| 1.0.x   | :white_check_mark: |
+| < 1.0   | :x:                |
+
+*Last updated: 2026-02-13*
 
 ## Reporting a Vulnerability
 
@@ -18,7 +22,7 @@ We take security vulnerabilities seriously. If you discover a security vulnerabi
 
 Instead, please:
 
-1. **Email**: Send details to security@symbiont.dev
+1. **Email**: Send details to security@thirdkey.ai
 2. **Subject**: Include "SECURITY" in the subject line
 3. **Content**: Include the following information:
    - Description of the vulnerability
@@ -45,29 +49,41 @@ Instead, please:
 When using Symbiont in production:
 
 1. **Keep Updated**: Always use the latest supported version
-2. **Secrets Management**: Use the built-in secrets management system properly
-3. **Sandboxing**: Enable and configure appropriate sandboxing levels
-4. **Access Control**: Implement proper authentication and authorization
-5. **Monitoring**: Enable audit logging and monitor for suspicious activity
-6. **Network Security**: Run Symbiont in a properly secured network environment
+2. **Secrets Management**: Use the built-in encrypted secrets store with a strong KDF password; prefer OS keychain or Vault key providers over environment variables
+3. **Sandboxing**: Use Docker, gVisor, or Firecracker for untrusted code; never use the native sandbox in production
+4. **Tool Verification**: Run in strict enforcement mode to ensure only verified MCP tools are executed
+5. **API Keys**: Enable per-agent API key authentication for all HTTP endpoints; rotate keys regularly
+6. **Rate Limiting**: Keep rate limiting enabled to prevent abuse and resource exhaustion
+7. **Audit Logging**: Enable audit logging in strict mode and monitor for suspicious activity
+8. **Network Security**: Run Symbiont in a properly secured network environment with TLS
+9. **Policy Rules**: Define explicit allow/deny policies for agent capabilities and tool access
 
 ### Security Features
 
 Symbiont includes several security features:
 
-- **Sandboxed Execution**: Isolated execution environments for agents
-- **Secrets Management**: Encrypted storage and secure access to sensitive data
-- **Audit Logging**: Comprehensive logging of security-relevant events
-- **Policy Engine**: Fine-grained access control and security policies
-- **Signed Container Images**: Docker images are signed with cosign
+- **Sandboxed Execution**: Tiered isolation (Docker, gVisor, Firecracker, E2B) with resource limits via rlimit and process-group kill on timeout
+- **Native Sandbox Hardening**: Process-group isolation (`setpgid`/`killpg`), CPU/memory/file-size limits, empty-by-default allowed executables, shell warnings
+- **Secrets Management**: AES-256-GCM encrypted file store with Argon2 KDF, file locking (fd-lock), mtime-based decryption cache, env/keychain/file/Vault key providers
+- **Per-Agent API Key Authentication**: Argon2-hashed API keys with file-backed key store
+- **Per-IP Rate Limiting**: Governor-based rate limiting middleware (configurable, default 100 req/min)
+- **Tool Verification (SchemaPin)**: Cryptographic schema verification for MCP tool invocations with configurable enforcement policies (strict/permissive/development/disabled)
+- **Agent Identity (AgentPin)**: Domain-anchored ES256 cryptographic identity verification for AI agents
+- **Sensitive Argument Redaction**: Schema-driven masking of sensitive tool parameters in logs
+- **Audit Logging**: Comprehensive logging of security-relevant events with strict/permissive failure modes
+- **Policy Engine**: Fine-grained access control and security policies with DSL-defined rules
+- **Model I/O Logging**: Encrypted interaction logs with configurable retention
 
 ### Security Considerations
 
 - Symbiont executes arbitrary code as defined in agent configurations
+- The native sandbox provides resource limits but **not** full isolation — use Docker/gVisor/Firecracker/E2B for untrusted code
+- Native sandbox is blocked in production (`SYMBIONT_ENV=production`)
 - Ensure proper network isolation and access controls
-- Regularly review and audit agent configurations
+- Regularly review and audit agent configurations and policy rules
 - Monitor system resources and API usage
 - Use encryption for data at rest and in transit
+- Rotate API keys and secrets periodically
 
 ## Vulnerability Management
 
@@ -90,16 +106,17 @@ We maintain an internal vulnerability management process:
 
 We monitor our dependencies for known vulnerabilities:
 
-- Regular dependency updates
-- Automated vulnerability scanning
+- **cargo-deny**: License and vulnerability auditing via `deny.toml`
+- Regular dependency updates with Cargo lockfile pinning
+- Automated vulnerability scanning in CI
 - Review of dependency security advisories
 - Prompt patching of vulnerable dependencies
 
 ## Contact
 
 For security-related questions or concerns:
 
-- Security Email: security@symbiont.dev
+- Security Email: security@thirdkey.ai
 - General Contact: oss@symbiont.dev
 - Website: https://symbiont.dev
 
