Security

Security is foundational to everything we build. Learn about our practices and commitments.

Encryption at Rest & Transit

All data is encrypted using AES-256 at rest and TLS 1.3 in transit.

SOC 2 Type II Compliant

Our infrastructure and processes are independently audited annually.

Isolated Execution

Agent executions run in isolated containers with strict resource limits.

Access Controls

Role-based access control with audit logging for all actions.

Regular Audits

Third-party penetration testing and security assessments quarterly.

Incident Response

24/7 monitoring with defined incident response procedures.

Infrastructure Security

AgentHeap runs on enterprise-grade cloud infrastructure with multiple layers of security. Our systems are hosted in SOC 2 certified data centers with physical security controls, redundant power, and network connectivity. We implement defense in depth with firewalls, intrusion detection, and continuous monitoring.

Data Protection

Customer data is encrypted at rest using AES-256 and in transit using TLS 1.3. We maintain strict data access controls and all access is logged and audited. Agent execution data is isolated per customer and automatically purged according to configurable retention policies.

Vulnerability Disclosure

We maintain a responsible disclosure program and welcome security researchers to report vulnerabilities. If you discover a security issue, please email security@agentheap.dev. We commit to responding within 24 hours and working with you to resolve issues promptly.

Need more details?

Enterprise customers can request our security documentation and compliance reports.

Contact Security Team