Omitly security
Omitly's value proposition is a security claim: your documents are redacted locally, the removal is independently verified, and nothing is uploaded. A claim like that should be falsifiable, so we publish the evidence.
Posture at a glance
Documents never leave your device. One opt-in network path exists (RFC 3161 timestamping) and sends only a hash, never content.
Underlying text and image data is removed, then independently re-checked on the output. Default-deny: any uncovered path fails the check.
Our threat model is public. Security by transparency, not obscurity.
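The two checks summarised above, an output re-check that fails by default and a timestamping path that carries only a digest, are illustrated below in an added example. This is not Omitly's code and does not describe its document model; the `Item` and bounding-box representation, the `verify_redaction` function and the sample page contents are all constructed for illustration.

```python
"""Added illustration of a default-deny redaction re-check (hypothetical model)."""
import hashlib
from dataclasses import dataclass
from typing import Iterable, List, Optional, Tuple

# A bounding box in page coordinates: (x0, y0, x1, y1). Constructed model.
Box = Tuple[float, float, float, float]


@dataclass(frozen=True)
class Item:
    """One surviving drawn element in the output document (constructed model)."""
    kind: str                      # e.g. "text", "path", "image"
    bbox: Optional[Box]            # None when geometry could not be determined
    text: str = ""                 # extracted text, if any


def _valid_box(b: Box) -> bool:
    x0, y0, x1, y1 = b
    return x0 < x1 and y0 < y1


def _intersects(a: Box, b: Box) -> bool:
    """True when two boxes share any interior area."""
    ax0, ay0, ax1, ay1 = a
    bx0, by0, bx1, by1 = b
    return ax0 < bx1 and bx0 < ax1 and ay0 < by1 and by0 < ay1


def verify_redaction(items: Iterable[Item], redactions: Iterable[Box],
                     forbidden_text: Iterable[str]) -> List[str]:
    """Independent re-check of the output. Returns failure reasons; [] means pass.

    Default-deny: anything that cannot be proven clear of every redaction
    rectangle (missing geometry, malformed rectangle, overlapping item,
    forbidden text still present) is reported as a failure.
    """
    failures: List[str] = []
    redactions = list(redactions)
    forbidden = [s for s in forbidden_text if s]

    for r in redactions:
        if not _valid_box(r):
            failures.append(f"malformed redaction rectangle {r}")

    for idx, it in enumerate(items):
        if it.bbox is None:
            failures.append(f"item {idx} ({it.kind}) has no geometry; cannot prove it is clear")
            continue
        for r in redactions:
            if _intersects(it.bbox, r):
                failures.append(f"item {idx} ({it.kind}) survives inside redaction {r}")
        for needle in forbidden:
            if needle in it.text:
                failures.append(f"item {idx} ({it.kind}) still contains forbidden text")
    return failures


def timestamp_payload(output_bytes: bytes) -> bytes:
    """The only document-derived value a hash-based timestamp request needs:
    the SHA-256 digest of the final output, never the content itself."""
    return hashlib.sha256(output_bytes).digest()


# Constructed sample page: one redaction rectangle and a few surviving items.
REDACTIONS: List[Box] = [(100.0, 100.0, 300.0, 120.0)]
FORBIDDEN = ["123-45-6789"]
CLEAN_ITEMS = [
    Item("text", (20.0, 20.0, 200.0, 40.0), "Invoice 2024-001"),
    Item("path", (20.0, 50.0, 580.0, 51.0)),          # a rule line, well clear
]
LEAKING_ITEMS = CLEAN_ITEMS + [
    Item("text", (110.0, 102.0, 250.0, 118.0), "SSN 123-45-6789"),  # should be gone
    Item("image", None),                                 # unknown geometry: deny
]

if __name__ == "__main__":
    print("clean page:", verify_redaction(CLEAN_ITEMS, REDACTIONS, FORBIDDEN) or "PASS")
    for reason in verify_redaction(LEAKING_ITEMS, REDACTIONS, FORBIDDEN):
        print("FAIL:", reason)
    print("digest sent for timestamping:", timestamp_payload(b"<redacted output bytes>").hex())
```

The leaking page produces three failures: the surviving text item overlaps the redaction rectangle, it still contains the forbidden string, and the image with unknown geometry is rejected rather than assumed safe. That last case is what default-deny means in practice: the verifier never gives an item the benefit of the doubt.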
What's here
- Threat model: what we're protecting, what can go wrong, and what we do about it.
- Cryptography: every cryptographic primitive in the product, its purpose, and its FIPS posture (our CBOM).
- Releases: a signed security attestation per release: artifact hashes, an OWASP ASVS coverage scorecard, and the evidence behind it.
- Keys: our signing keys and fingerprints, so you can verify attestations yourself.
- Third-party notices: the licences of everything we depend on.
- Disclosure: how to report a vulnerability.
Customers
Current customers can access the full evidence set (complete SBOM and CBOM documents, raw test output, the full ASVS workbook, and pen-test reports) by proving a valid licence. Access is itself gated by the same licence cryptography documented on this site.
Latest release attestation
No signed attestation has been published yet; the first lands with the next release.
Vendor root key
The vendor root fingerprint is published after the signing-key ceremony.