How we protect your data.

Transport

All network traffic to and from Trophos is encrypted with TLS 1.3. We do not accept unencrypted connections.

Storage

Server-side data is encrypted at rest. Credentials are never stored in plain text; auth is handled by a hardened identity provider.

Access

Only a small set of on-call engineers can access production, and every access event is logged. We follow least-privilege access by default.

Responsible disclosure

Found something? Please email security@trophos.ai. We respond within one business day and credit reporters in release notes unless you prefer to stay anonymous.