Tenant Isolation & RBAC
Strict data segregation with role-based access control. Each workspace operates in complete isolation.
Audit Logs & Webhook Verification
Every action is logged with immutable timestamps. Signed webhook requests with HMAC verification.
Encryption in Transit & at Rest
End-to-end encryption for all data. TLS 1.3 for transport, AES-256 for storage.
Detailed Controls
Comprehensive security features for production environments.
Data Isolation Model
Multi-tenant architecture ensures complete data segregation. Each workspace operates independently with isolated compute and storage.
Access Control & Roles
Role-based access control (RBAC) with granular permissions. Define custom roles or use built-in templates for common patterns.
Logging & Retention
Comprehensive audit logs capture all system events. Configurable retention policies to meet compliance requirements.
Webhook Signing (HMAC)
All outbound webhooks are signed using HMAC-SHA256. Verify authenticity on your end using the shared secret.
SSO/SAML (Roadmap)
Enterprise single sign-on with SAML 2.0 support. Coming soon.
Request Security Brief
We can share detailed security documentation under NDA.
We can share details under NDA.
Security FAQ
Where is data stored?
Data is stored in secure, SOC 2-ready infrastructure. Specific region information available upon request under NDA.
How are webhooks verified?
Every webhook payload includes an HMAC-SHA256 signature in the X-Signature header. Use your webhook secret to verify authenticity on your servers.
What retention options are available?
Retention policies vary by plan. Starter includes 30 days, Pro includes 90 days, and Enterprise offers custom retention periods to meet compliance needs.
When will SSO/SAML be available?
SSO/SAML is on our roadmap for Enterprise plans. Contact sales for timeline and early access information.
Questions about security?
Contact us for detailed security documentation and compliance information.