Security

Built for regulated workflows from day one.

Multi-tenancy is enforced at every read. Secrets are AES-encrypted with a rotatable key. Embedded runtimes verify origin against a per-tenant allowlist.

Multi-tenant by default: every read filters by organization id
AES-encrypted secrets with rotatable key — no plaintext at rest
Per-tenant origin allowlist for the Frontend Runtime API
Audit-friendly execution logs per workflow run
SOC 2 posture, PCI-DSS aware patterns, GDPR data processing

Talk to sales Request docs access

Page scaffold · full content shipping in phase 2