Security
How we protect your code and data.
Memory-safe by default
Rust backend, no buffer overflows or use-after-free. Memory safety is enforced at compile time.
Open source
Apache 2.0 licensed on GitHub. Code is auditable by your security team before you deploy.
Local-first architecture
Your data lives on your machine first.
Infrastructure
Network isolation
Private subnets with strict access controls.
Secrets management
Dedicated vault for secrets and keys. Secrets are zeroed from memory after use.
Geo-redundant backups
Automated database backups across regions. Audit logs retained for 90 days.
Managed hosting
Auto-scaling containerized deployment with managed patching and automated security updates.
Encryption & Auth
TLS everywhere
FIPS-capable cryptographic backend with TLS 1.2+ enforced on all connections. Data encrypted in transit and at rest.
Authentication
OAuth 2.0 with PKCE, Ed25519 signed sessions.
Have a security concern or want to report a vulnerability? Email security@vibekanban.com