Security you can trust

Your media assets are protected by enterprise-grade security at every layer — from upload to delivery.

SOC 2
Type II Certified

Annual third-party audits verify our security controls meet the highest standards.

GDPR
Compliant

Full compliance with EU data protection regulations including data residency options.

256-bit
AES Encryption

All data encrypted at rest and in transit using industry-standard encryption protocols.

How we protect your data

Encryption Everywhere

TLS 1.3 for all API traffic. AES-256 encryption at rest. Signed URLs prevent unauthorized access to your assets.

Access Controls

Role-based permissions, API key scoping, IP allowlisting, and signed URL tokens for granular access management.

Infrastructure Security

Isolated VPCs, network segmentation, WAF protection, and DDoS mitigation across all edge locations.

Vulnerability Management

Continuous scanning, annual penetration testing, and a responsible disclosure program with bug bounty rewards.

Data Residency

Choose where your original assets are stored. Available regions include US, EU, APAC, and custom locations.

Audit Logging

Complete audit trail of all API access, configuration changes, and administrative actions with 90-day retention.

Have security questions?

Our security team is available to discuss your requirements and provide documentation.

Contact Security Team