Security built for messaging at scale
Encryption, isolation, and auditability at every layer — so your most sensitive customer communication stays protected and accountable.
Encryption everywhere
TLS 1.3 in transit and AES-256 at rest. Provider credentials and secrets are encrypted and isolated per tenant.
Role-based access control
Seven granular roles — Owner, Admin, Manager, Campaign Manager, Inbox Agent, Billing Viewer, and Read Only — scoped per workspace with least-privilege defaults.
Audit logs
Every action is captured in an immutable, exportable ledger with actor, timestamp, and full context.
Signed webhooks
Outbound webhooks are HMAC-signed and verifiable, so your systems can trust every event we send.
SSRF protection
Webhook and callback URLs are validated against an allowlist with private-range blocking to prevent SSRF.
Tenant isolation
Multi-tenant workspaces enforce strict data, routing, and billing separation between every customer.
The Immutable Message Ledger
Every send, login, permission change, and webhook is written to a tamper-evident ledger. Export it for security reviews, reconcile it against billing, and prove exactly what happened, when.
Need our security documentation?
Request our SOC 2 report, pen-test summary, and DPA from the sales team.
Request documents →