Security & trust
Security is ongoing work. This page summarizes our baseline practices; we will expand it as we ship enterprise features and formal certifications.
Transport and access
Dashboard and API traffic should be served over HTTPS in production environments. Authentication protects operator access to configuration, incidents, and subscriber data.
Data handling
Monitoring data and status page configuration are stored for service delivery and troubleshooting. Retention and regional placement follow your deployment and contract—contact us for DPA or custom requirements.
Operational security
We recommend workspace admins use strong passwords, limit project access, and review audit trails as those features become available in your plan tier.
Reporting
Found a vulnerability? Contact us through the responsible disclosure process your account team shares during onboarding—we will publish a dedicated address before broad production launch.