Hello!
We as an organization are looking to purchase Business plan.
But we have the following considerations regarding our use of SaaS.
Thank you in advance for your time and please help in answering our questions.
- Network encryption
- Is there encryption between the Cursor client and server? If so, can you disclose the cipher protocol version, cipher algorithm, and cipher strength used?
- Data encryption
- Is there encryption for data stored on the Cursor server? If so, can you disclose the cipher protocol version, cipher algorithm, and cipher strength used?
- Anti-malware
- Is anti-malware software installed on the Cursor server? If not, is there any reason why it should not be installed, for example, if it is a serverless infrastructure?
- Authentication
- Are measures (e.g., encryption, hashing) taken to protect password data in authentication? Also, do you use encrypted communication in the authentication flow? If so, what algorithms are used and how strong are they?
- IP restriction
- Is it possible to restrict access to the Cursor server by the IP address of the connection source?
- Vulnerability scanning
- Has Cursor performed third-party vulnerability assessments (web application diagnostics, platform diagnostics, penetration testing, etc.)?
- Has Cursor been evaluated by a third-party certification body (SOC2, SOC1, etc.)? In addition, has the company obtained ISMS (ISO27001)?
- Data management
- Is it possible to provide (return) or delete all of the group’s data stored in Cursor to the group at the end of the contract and upon cessation of service?
- Data center
- What is the country name of Cursor’s data center location?