Credential isolation
Every operator brings their own credentials. Tokens and API keys are encrypted at rest with envelope encryption, scoped to the user, and never shared across workspaces. OAuth uses short-lived access tokens with refresh rotation. Revoking a connection invalidates the next run immediately.
Runtime isolation
Agent runs execute in isolated workers. Credentials are decrypted into the worker, used for the tool call, and disposed of immediately. Logs and event streams never contain plaintext credentials.
Data residency
Production data is stored in encrypted Postgres in US regions. Enterprise customers can request EU residency.
Transport security
TLS 1.2 or higher on every endpoint. HSTS enabled. No HTTP fallback for authenticated traffic.
Audit and logging
Pro and Enterprise workspaces get an audit log of agent changes, run starts, and credential connections. Enterprise extends retention.
Access controls
Per-workspace roles (owner, admin, member). SAML SSO available on Enterprise. Per-agent webhook URLs use unguessable signed tokens.
Spend safety
Every workspace has a daily cost ceiling. When reached, new runs are paused rather than charged. A runaway loop cannot drain your card.
Compliance roadmap
SOC 2 Type 1 is in progress. DPA available for Pro and Enterprise. Sub-processor list maintained at /legal/sub-processors.
Reporting a vulnerability
Use our security contact form with reproduction steps. We respond within one business day.