.png&w=96&q=75){kind=small}
Security Report
A transparent overview of our security infrastructure, practices, and commitment to protecting our members.
Last updated: March 2026
Security Overview
The Lion & Sun Tech Association was built with security as its foundation, not an afterthought. Every architectural decision — from server location to data handling — is made with the safety of our members in mind, particularly those operating under authoritarian surveillance. Our threat model accounts for state-level adversaries.
Security Measures
End-to-End Encryption
All sensitive communications and stored data use AES-256 encryption at rest and TLS 1.3 in transit. Confidential member data is additionally protected with zero-knowledge encryption.
No-Logs Architecture
Our systems are architected to produce zero logs. No IP addresses, connection timestamps, session identifiers, or browsing patterns are recorded at any point in our infrastructure.
Secure Infrastructure
Servers are located in privacy-friendly jurisdictions with no data-sharing agreements with authoritarian governments. All servers use full-disk encryption and secure boot.
Network Isolation
Member data is compartmentalized across isolated network segments. A breach in one system cannot cascade to compromise other members' data or the broader infrastructure.
Access Controls
All administrative access requires multi-factor authentication, hardware security keys, and is logged with cryptographic audit trails. Access follows strict least-privilege principles.
Regular Audits
Independent third-party security audits are conducted regularly. Our open-source tools are peer-reviewed and publicly auditable by the security community.
Infrastructure Metrics
Our infrastructure is designed for resilience, security, and reliability. Below are our current operational metrics.
AES Encryption Standard
Uptime Guarantee
Data Breaches to Date
Incident Response
In the event of a security incident, our response team follows a strict protocol: immediate containment, forensic analysis, member notification within 24 hours, and a public transparency report. We believe our members have the right to know about any event that could affect their safety.
Report a security concern: security@lionandsuntech.org (PGP encrypted email supported)
Responsible Disclosure
We welcome security researchers who discover vulnerabilities in our systems. Please report them responsibly to security@lionandsuntech.org. We commit to acknowledging reports within 48 hours, providing updates on remediation, and crediting researchers (with their consent). We will never pursue legal action against good-faith security researchers.